CESG Logo
 
The National Technical Authority for Information Assurance
 
CESG Web logo
 
  ABOUT US   SERVICE CATALOGUE   PUBLICATIONS   POLICY & TECHNOLOGIES   FIND A .....
 
Service Catalogue Home

CHECK
What is CHECK?
Find a CHECK Service Provider and Validate Personnel
Why you need a CHECK Service Provider
Fundamental Principles of the CHECK Service
CHECK Reporting Requirements
How Do I Use a CHECK Service Provider?
Why should I become a CHECK Service Provider?
Customer Feedback for CHECK Provider work
Applying For CHECK Membership
CHECK Contact information

A to Z

 
General Enquiries image
 
CHECK LogoCHECK Team

A CHECK team is composed of at least one team leader (someone who has passed either the CESG accredited CREST or Tiger Scheme examination) and a number of team members. Obviously, the CHECK team leader will need to be an experienced penetration tester in order to pass the assault course.

CHECK Team Members must pass the CHECK TM qualification, Team Members must also be experienced penetration testers who will work towards successful completion of the CHECK TL examination.

The purpose of the CHECK scheme is to provide assurance that a penetration test of a HMG network will be performed to certain standards. The composition of the CHECK team is considered to be a critical component in assuring the quality of work performed by the team. It is for this reason that we review the technical experience of team members and ask for the information detailed below.

Each proposed team member must submit a current Personal CV that details previous relevant job history as well as key skills and experience as follows:
  • Personal details: Full name, home address, contact telephone number, national insurance number and date of birth.
  • Employment: Full employment history, with dates. A brief description of you responsibilities must be included for every relevant technical position held.
  • Education: Full education history, with dates.
  • Professional qualifications and membership: Details of professional qualifications and membership of professional bodies, with dates.
  • Training: Details of any relevant technical training received, with dates.
  • Relevant skills and experience: Details of key technical skills and notable tasks performed.
We also require that each team leader submits answers to the following specific questions:
  • In the previous 3 years, how many months have you been employed primarily as a pen tester?
  • In the previous 12 months, how many penetration test have you personally conducted?
  • How many penetration test reports have you personally written in the last 12 months?

Answers to these questions should be submitted separately to the CV. Prospective team members will have passed the CESG approved assault course. Updated information on all team members (including CVs) should be provided yearly. Prospective team leaders will have passed the CESG approved assault course, in addition a minimum of 12 months pen testing will be required to be demonstrated in the last 36 months.

Note that inexperienced and trainee penetration testers will not be accepted into a CHECK team and that CHECK work should not be used as a training assignment without the approval of CESG.

As CHECK is a penetration testing scheme, we will not normally approve the addition of individuals who are not penetration testers. This includes individuals who have information security experience outside of penetration testing, such as policy work, risk assessment and so on.

Back to Applying For Check Membership
Products Footer image
 © Crown Copyright, 2011. This CESG Website is maintained for your personal use and viewing. Access and use by you of this site constitutes acceptance of our terms and conditions which take effect from the date of first use. Click here for our terms and conditions CESGweb@cesg.gsi.gov.uk