Current location - Education and Training Encyclopedia - Education and training - Ccrc certification qualification
Ccrc certification qualification
1. What is CCRC?

CCRC is the qualification of information security service and the qualification of information security service institutions to provide security services, including legal status, resource status, management level, technical ability and other requirements. Information security service's qualification certification is based on national laws and regulations, national standards, industry standards and technical specifications, as well as basic certification norms and certification rules, and evaluates the qualifications of information security service provided by information security service institutions.

Information security service's qualification level is divided into Grade I, Grade II and Grade III * * *, with Grade I being the highest and Grade III the lowest. * * * is divided into eight different directions, namely: security integration, security operation and maintenance, emergency response, risk assessment, disaster backup and recovery, security software development, network security audit and industrial control system security. Applicants can apply for the corresponding direction according to their own business needs.

2. What are the benefits of certifying CCRC?

(1) is the basis for enterprises to obtain certification and recognition from third-party authorities;

(2) It is the basis for the demand side to choose, which can improve the demand side's trust in service providers;

(3) Standardize management and technology to improve customer satisfaction;

(4) Broaden the business scope of enterprises and gain more business opportunities.

3. How long is the validity period?

The certificate is valid for one year and updated once a year. Supervise and audit the certified institutions once a year (no more than 12 months). For institutions that have obtained certification for the first time, on-site supervision and audit shall be conducted within 12 months.

4, CCRC certification conditions

The CRCC level 3 assessment project requires the company to be established for not less than 4 months; No less than 10 social security employees (including no less than 1 person for six-year undergraduate graduates, no less than 2 graduates for three-year undergraduate or four-year junior college graduates, and computer science is preferred); Require two people to participate in foreign training and obtain CISAW training certificate in the corresponding direction; For the initial application, at least one project should be signed and completed within three years, and at least 1 project should be signed and completed within one year at the time of annual review; The scope of the business license at least includes "the business scope of the application direction" or "computer technical service and technical consultation".

5, CCRC certification cycle and process

The first/second certification cycle is generally 12 weeks, and the third certification cycle is 4 weeks.

The certification cycle includes the actual time from the date of formal acceptance of the application to the issuance of the certification certificate, excluding the time for the applicant to prepare or supplement the materials.

6. Annual supervision

1) Only the company name and registered address change, you can apply for certificate change (apply at any time);

2) Off-site supervision and audit, providing the receipt of the notice of supervision and audit, the self-evaluation form of the corresponding professional direction, the non-conformities issued by the public management department in the previous year and the rectification of the observation items;

3) On-site supervision, reviewing all factors, focusing on the nonconformities and observations that occurred in the previous year.

7. Supervision and audit cycle after obtaining the certificate

1) Supervision and audit is required every year, and the receipt of the supervision and audit notice and the self-assessment form shall be submitted two months in advance (the system will notify you by email three months in advance);

2) In principle, the regulatory audit after the Shanghai Stock Exchange 1 year is on-site audit;

3) In the case of controllable certification risks, in principle, the second year of the Shanghai Stock Exchange is an off-site audit, the third year is an on-site audit, and so on;

4) If there is any situation that affects the validity of certification, increase the frequency of on-site audit and the audit intensity of some projects.

Related articles
  • My girlfriend did a job that I couldn't accept. Princess DJ, what should I do?
  • How to apply for a seaman's certificate requires formalities and fees.
  • Is Rugao technical secondary school a technical school?
  • How to make Dragon Boat Festival by hand with clay?
  • What should I do if I don't meet the standard after the entrance training in Jiangsu Times?
  • Salary training
  • Does No.3 Factory in Zhongyuan District, Zhengzhou, Henan Province have a primary school English tutorial class?
  • How does Hengshui enroll students?
  • Where is subject four trained?
  • Subject guidance in primary and secondary schools in Orff education

    • copyright 2024 Education and Training Encyclopedia All rights reserved