Login to profile


CHECK-Exam-Provider logo

CHECK is a UK Government programme under which the National Cyber Security Centre (NCSC), which is part of the Government Communications Headquarters (GCHQ) approves cyber security service providers to carry out authorised penetration tests of public sector and critical national infrastructure (CNI) systems and networks.

Companies providing CHECK services must do so using staff who hold NCSC-approved qualifications and have suitable experience. Penetration tests must be conducted using NCSC-recognised methods.

CREST works in collaboration with the NCSC to provide a set of examinations that are acceptable to industry and meet the requirements of private and public sectors.

The NCSC now requires all existing and future CHECK Team Leaders and Members to have passed an approved professional examination designed to test for a basic grounding in the discipline.

NCSC will accept a pass from one of the following CREST examinations when approving CHECK Team Leader and Team Member status.

  • CHECK Team Leader (Infrastructure) – CREST Certified Infrastructure Tester (CCT Inf)
  • CHECK Team Leader (Web Applications) – CREST Certified Web Application Tester (CCT App)
  • CHECK Team Member – CREST Registered Penetration Tester (CRT)

A pass in any one of these examinations merely demonstrates technical competence and does not replace the other requirements to attain CHECK Team Leader/Team Member status.

More information on the CHECK scheme can be found at CHECK – penetration testing – NCSC.GOV.UK.