CESG has updated the standards for the Certified Cyber Security Consultancy scheme.
The key changes are:
- Removal of 3 service categories – Governance, Information Security Strategy, and Legal & Regulatory Environment – whilst CESG further develops the assessment criteria for them
- Changes to the professional certifications and academic qualification for HEAD Consultants in some service categories whilst CESG continues to assess their validity
- Reshaping the Professional Cyber Services Framework requirements to separate the obligation for companies to provide confirmation that they meet the requirements from their obligation to provide evidence which may be used during interviews and quality audits.
A further revision of these standards will be published in the autumn, bringing in the results of the work outlined above and experience gained from the initial assessments under the scheme.