25.9.12
This website uses cookies to ensure you get the best experience on our website. Learn more

Certified Cyber Security Examiner

The holder of this certificate and badge is a participant in good standing in the CSBS Education Foundation Examiner Certification Program. The holder has demonstrated compliance with all requirements of the Certified Cyber Security Examiner credential as set forth at https://www.csbs.org/certified-cyber-security-examiner-ccse. The CCSE credential is appropriate for individuals who have completed a minimum of five years examination experience, which may include a combination of IS/IT/cyber security examination and bank safety and soundness examination experience. In addition, participation in a minimum of five examinations over that period to include A- or B-rated financial institutions or third-party service providers as defined by the FDIC's InTREx Program is required. Lastly, completion of at least 96 hours of advanced relevant education courses over the three years immediately preceding application is required. To maintain certification, CCSE credential holders must complete 63 hours of applicable continuing education during the three-year term of certification. At least five hours of continuing education each year must focus solely on cyber security and forensic training. Additional continuing education should be selected with the goal of maintaining, improving, or expanding the examiner’s knowledge, skills, and abilities in this specialized field of examination. The CSBS Examiner Certification Program is fully compliant with the best practices outlined in ISO 17024, the industry standard for certification entities.

Skills / Knowledge

  • Determine the effectiveness of an institution's cyber security risk identification and management process
  • Understand the terms "data at rest" and "data in transit/motion" and the technology used to secure both
  • Assess institution's mitigating controls and implementation plan
  • Assess institution's risk monitoring and reporting processes
  • Assess institution's corrective action processes
  • Make appropriate control recommendations to reduce institutional risk
  • Provides effective and accurate evaluation of the overall activities of the institution's IT/IS/cyber security function
  • Demonstrates knowledge of policies, procedures, laws, rules and regulations
  • Follows established examination procedures to collect and analyze data
  • Evaluates the adequacy of security policies and standards relative to the risk profile of an institution
  • Develops correct conclusions from collected data
  • Reviews reports for accuracy, content, conclusions, and proper grammar
  • Evaluates and adjusts scope of examination as each situation requires
  • Demonstrates understanding of recommendations and is able to provide source documentation to address issue or practice
  • Adheres to agency and federal examination procedures and policies
  • Recommends and organizes examination tasks
  • Ensures pre-examination planning and requests are successfully completed in a timely manner
  • Organizes and effectively documents work papers according to prescribed procedures
  • Knowledge of application laws/regulations and ability to apply knowledge to the examination process
  • Clearly communicates assignments to assisting personnel
  • Clearly communicates with financial institution personnel to obtain information
  • Clearly communicates examination findings to financial institution or independent trust institution and to supervisory personnel
  • Prepares written comments which are accurate, grammatically correct, logically arranged, and factually support any conclusions drawn
  • Conducts meetings with management and the boards of directors of financial institutions and of independent trust companies
  • Coordinates examination planning and execution with other state and federal supervisory authorities as needed

Issued on

July 22, 2021

Expires on

December 31, 2027