ACS certification

When you click on 'Apply Now' above you will be asked to upload the following documentation in PDF format:

1. CV

• Detailed history of your tech employment: list of qualifications; basic personal details, summary of each role (most recent first) with start and end dates, and a description of your key activities, outcomes and levels of responsibility

2. Qualifications

• Digital copy of qualifications: certificate and transcript
• Digital copy of TAFE qualifications: provide units/subjects and grades
  
  
• Vendor certificate with online validation details (not older than five years)

3. Experience - to make your application stronger supply multiple episodes

For each of your relevant experience episodes you will be asked to create an entry, provide dates and upload supporting documents in PDF format; these may include: 

• A list of your main roles and responsibilities for the position. This may be taken (or expanded) from your curriculum vitae
• Employment performance reviews, project reports or position descriptions
• Copies of presentations, newspaper articles, magazine or newsletter contributions
• Client testimonials, YouTube videos, LinkedIn profile
  
  
• Endorsements, evidence of work undertaken or publicised 

4. Referees

• Nominate two referees to vouch for your professional experience, ensuring their availability to respond to ACS enquiries in the next month
• For each referee provide name, email address, phone number, company and role

5. English language test

If you currently live in a non-English speaking country, you will be asked to upload a certified copy of your English proficiency test. You need the following minimum scores to be eligible: 

• IELTS – 6 (Overall Band Score)
• TOEFL – 60 (Total Score)
• PTE Academic – 50 (Overall Score)
• Advanced (CAE) - CEFR Level B2 (for both pre and post 2015 scorecards)

Document quality

We no longer require certified documents but need high quality scanned images of originals (preferably 600dpi) that can be inspected for originality. 

Interview

Our Assessor may contact you via phone or video conference to clarify tech skills and knowledge.

To find out more, read the ACS Certification Guidelines.

As an individual you can Join or Get Certified Now.

Please find the fee schedule for new and current members as at 1st June 2023:

What are the CPD obligations for CP and CT members?

As a CP or CT member you will be obliged to maintain online records of technical events, training and other recognised forms of professional development. The minimum per year is 30 hours for CP and 20 hours for CT members.

Why does ACS impose CPD requirements?

CPD is a universal expectation across regulated and recognised professions. Tech professionals manage critical functions and major public risks and need to keep up to date to warrant public trust and recognition. CPD is also a legal requirement of CP members under the ACS Professional Standards scheme.

What if I don’t keep up my CPD?

If you don’t meet CPD requirements by the anniversary date of your certification, your CP or CT status will automatically lapse and you will not be permitted to use the designation or enjoy the benefits of certification.

If I lose my CP or CT status, can I requalify?

If your certification has lapsed within three months, simply enter your CPD hours for the previous year. If it has been longer, contact member services for instructions about reinstating.

How are CPD hours awarded for ACS events?

CPD hours for ACS events are usually automatically recorded within a week of the event. For information on the hours you can claim visit the ACS Events listing.

How are CPD hours awarded for non ACS events or training?

You can claim CPD hours for non-ACS events you attend. To calculate the hours, work out how much time was spent in the sessions, excluding meal breaks. You can enter these hours via the online CPD log.

If I accumulate 30 CPD hours in a year, do I automatically get CP status?

No. Associate members must first apply for certification. If you are already a CP, please record the correct hours in each certification year and your status will be extended by 12 months.

If I accumulate 20 CPD hours in a year, do I automatically get CT status?

No. Associate members must first apply for certification. If you are already a CT, please record the correct hours in each certification year and your status will be extended by 12 months.

Over what period of time are CPD hours calculated?

Your CPD hours are calculated 12 months from the date you are certified. The expiry date will be the last day of the month for both CT and CP.

Why did ACS develop a cybersecurity certification?

With heightened awareness of the need to lift cyber resilience in Australia, an ACS Cyber Taskforce headed by Dr Jill Slay was established to review global cybersecurity frameworks and identify best practice professional benchmarks.

On September the 6th 2017, the Hon Dan Tehan MP, Minister Assisting the Prime Minister for Cybersecurity launched an extension to the ACS Certified Professional and Certified Technologist schemes, recognizing the importance of cybersecurity to Australia’s growing digital economy.

Who can apply for certification?

All members of the ACS who are also working in a cybersecurity-based role are eligible to apply for certification. Members are assessed based on experience, education and related security-based vendor certifications.

How much does it cost to be a CP (Cyber Security) or CT (Cyber Security)?

For non-­members, a membership application for the ACS is $374 incl. of GST and then a certification application is $346.50 incl. of GST is charged. For existing members (including current CP’s and CT's) the cost of the certification application is $346.50 incl. of GST.

Who was consulted from industry?

The cybersecurity certification was developed with input and industry consultation including the Australian Taxation Office, PWC, Austrac, CREST, AISA & RSA.

What is required to become a cybersecurity specialist?

Cybersecurity certification requires:

• That applicants work in a predominantly IT security based job role
• Have worked in tech for a minimum number of years based on Cyber CT/CP pathway
• For CP – an applicant must be able to demonstrate in-­depth capability in 4 skills from the following list of level 5 (or higher) of the Skills Framework for the information Age (SFIA)
  • IT Governance, Information Management, Information Security, Information Assurance, Business Risk Management, Penetration Testing, Security Administration, Programming/Software Development, Systems Software, Testing and Asset Management
• For CT -­ an applicant must be able to demonstrate in-­depth capability in four skills from the following list of level 3 (or higher) of the Skills Framework for the information Age (SFIA)
  • Information Management, Information Security, Information Assurance, Business Risk Management, Systems Development Management, Asset Management, Change Management, Security Administration, Incident Management, Conformance Management
• Demonstrates a breadth of tech knowledge
• Has an understanding of and commitment to the ACS Code of Professional Conduct

How important are Certified Professionals?

Professional certification is the best risk mitigation strategy for business and it allows Australia’s tech industry to maintain a high standard of professionalism. 

Unlike vendor certifications, ACS Certified Professionals are certified using the Skills Framework for the Information Age (SFIA), comprised of 97 key skills within 6 key categories and 7 levels of competency.

This means that ACS certification uses specific core tech functionalities, is vendor agnostic and utilises a range of validation techniques.

How does the ACS assess Certified Professionals?

Our certifications (CT and CP) are undertaken by assessors who chart degree claims of applicants against a list of accredited universities. This is ranked on an international scale according to the Australian Qualifications Framework (AQF) in a database hosted by Department of Education, Employment & Workplace Relations (DEEWR).

In addition to university degrees or other recognised vendor qualifications, our Cybersecurity CT and CP designations cannot be obtained by the applicant without also providing evidence of work experience at an appropriate skilled level with varying duration requirements, and demonstration of having met professional development criteria (according to the ACS points allocation scheme).

CP Cybersecurity and alignment to our industry partners ISACA & ISC2

Vendor certifications from associations such as ISACA, organisations like (ISC)² as well as bodies like SANS, EC Council and CREST all offer security certifications.

One of the most well-known is the Certified Information Systems Security Professional (CISSP) from (ISC)² where candidates must possess a minimum of five years of direct full-time security work experience in two or more of the (ISC)² information security domains in order to be certified.

The Cybersecurity Taskforce, along with other broader industry consultations, undertook an environmental scan on global security certifications.

The resulting security certifications environmental scan showed that certifications from ISACA and ISC2 show equivalence for skills, qualifications and experience in the ACS cybersecurity specialisms.

For Certified Technologist (Cybersecurity) assessments, the following two certifications are considered equivalent for skills, qualifications and experience:

• Systems Security Certified Practitioner (SSCP) from ISC²
• Certified Information Systems Auditor (CISA) from ISACA

For Certified Professional (Cybersecurity) assessments, the following three certifications are considered equivalent for skills, qualifications and experience:

• Certified Information Systems Security Professional (CISSP) from ISC²
• Certified Secure Software Lifecycle Professional (CSSLP) from ISC²
• Certified Information Security Manager (CISM) from ISACA

ISACA and ISC2 certifications need to be current certifications, demonstrating ongoing CPD at the time of submitting for ACS assessment.

While obtaining any vendor certification is an accomplishment, a CISSP, CISA etc. does not demonstrate or validate how you apply the knowledge that is related to the certification. You could have a CISSP but work in a purely technical role at a relatively low level of responsibility.

ACS certification supports these industry certifications by encompassing the knowledge, skills and attributes of an individual, assessing certifications and qualifications alongside work experience, and communications skills benchmarked against 7 levels of responsibility.

How does a member apply for ACS cybersecurity certification?

If a member is not ACS certified, members can apply at the ACS certification landing page.

The assessment portal is in the process of being updated to allow those members who are already CT/CP to be able to apply for a cybersecurity specialism. In the interim, any ACS-certified members who wish to apply for cybersecurity certification should send an email to member.services@acs.org.au to have their assessment initiated manually.

Can a member have two CP certifications or two CT certifications?

No. If a member upgrades their certification to the new ACS cybersecurity certification, their previously awarded CP or CT will be replaced by the new certification.

ACS cybersecurity certification shows you have met the requirements of the CP or CT as well as the validation of 4 SFIA skills related to cybersecurity in order to be awarded the new specialism.

In future, as ACS releases new specialisms (i.e Safety Critical Systems) members will be able to hold multiple specialisms but not a CP and a specialism(s).

Can an applicant nominate which skills they wish to be assessed against?

No. The assessor identifies the 3 or 4 listed skills as opposed to the applicant nominating them because many applicants will have a strong enough knowledge of SFIA to accurately nominate their skills. With years of experience in certification assessment, the assessors are best-placed to identify the applicant’s skills.  

Why did ACS develop a Safety Critical System certification?

ACS has recognised the need to introduce “specialisms” – certifications are based on the successful Certified Professional (CP) certification, but which attest to an applicant’s expertise in certain identified areas. One of areas chosen as most urgently in need of introduction, and most important for developing the profession, is the specialism of safety critical systems. The safety critical systems specialism was developed under the auspices of the ACS Safety Critical Systems Working Group.

Who can apply for certification?

All members of the ACS who are also working in a safety-critical or life-critical system role are eligible to apply for certification. Members are assessed based on their experience and education and professional certification (CP).

Non-members will not have need to join the ACS and be an ACS Certified Professional (CP)

How much does it cost to be a CP (Safety Critical System)?

For non-members, a membership application for the ACS is $374 incl. of GST and then a Certification application of $346.50 incl. of GST is charged which covers assessment for Certified Professional (CP) and Safety Critical Systems (SCS). This is an introductory price and is valid only to the 24/8/2018.

For existing Certified Professionals (CPs), the cost of the certification application is $346.50 inclusive of GST

Who was consulted from industry?

The safety critical systems specialism was developed with input from the Australian Safety Critical Systems Association (aSCSa) and it’s member organisation representing the Aviation, Government, Transport and other related sectors.

What is required to become a Safety Critical Systems specialist?

Minimum Requirement  

• The applicant must be a CP
• The applicant must have a relevant ICT or engineering degree
• The applicant must have practioner-level proficiency in four ACS safety critical systems units4 (one from each group)

Mandatory Safety Analysis

• Safety hazards and risk analysis (HRA) 

Safety Management

• Corporate functional safety management (CFM) 
• Project safety assurance management (PSM) 

Safe Systems Realisation

• Safety-related system architectural design (SAD) 
• Safety-related system hardware realisation (SHR) 
• Safety-related system software realisation (SSR) 
• Human factors safety engineering (HF) 

Supplementary Experience

• Corporate functional safety management (CFM) 
• Project safety assurance management (PSM) 
• Safety-related system maintenance and modification (SRM) 
• Safety-related system or services procurement (SRP) 
• Independent safety assessment (ISA) 
• Safety requirements specification (SRS) 
• Safety validation (SV) 
• Safety-related system architectural design (SAD) 
• Safety-related system hardware realisation (SHR) 
• Safety-related system software realisation (SSR) 
• Human factors safety engineering (HF)

How important are Certified Professionals?

Professional certification is the best risk mitigation strategy for business and it allows Australia’s tech industry to maintain a high standard of professionalism. 

Unlike vendor certifications, ACS Certified Professionals are certified using the Skills Framework for the Information Age (SFIA), comprised of 97 key skills, within 6 key categories and 7 levels of competency.

This means that ACS certification uses specific core tech functionalities, is vendor agnostic and utilises a range of validation techniques.

Specialisms go a step further and validate specific skills and competencies related to that specialism.  

ACS safety critical system units are available to download.

How does the ACS assess Certified Professionals? 

Our certifications (CT and CP) are undertaken by assessors who chart degree claims of applicants against a list of accredited universities. This is ranked on an international scale according to the Australian Qualifications Framework (AQF) in a database hosted by Department of Education Employment & Workplace Relations (DEEWR).

In addition to a relevant university degree (ICT or engineering), our CP (Safety Critical Systems) designation cannot be obtained by the applicant without also providing evidence of work experience at practitioner level in a number of ACS Safety Critical Units.

How is the safety critical systems specialism assessed?

A key aspect is for an applicant to be recognised as a specialist by their peers.

Assessment is by a panel interview with a lead assessor and 2 Peer Assessors (SMES) who are experts in safety critical systems.

Presently, only ACS members holding CP status are eligible for safety critical systems specialism certification.

What type of evidence is required to support the claims for ACS safety critical systems units?

In every case the assessors are judging demonstrated competence that is evidenced by carefully described workplace experience as well as written reports, presentations, etc.

Assessors will investigate a sample of claims by asking more questions in an interview, or by enquiring through referees or other sources.

Education and training in the relevant ACS safety critical units areas may also support a case but would not be sufficient without relevant workplace experience.

[1] ACS Safety Critical Units adapted here with permission from IET Competence Criteria for Safety-related Systems Practitioners.

As a Certifiied Professional, you can use the CP post-nominal if you have completed the minimum yearly requirement of 30 CPD hours. Depending on your ACS membership, use one of the below:

• Member - MACS CP 
• Senior member - MACS Snr CP 
• Fellow - FACS CP 

ACS CTs can use the MACS CT post-nominal if the minimum yearly requirement of 20 CPD hours is completed. 

Rights and responsibilities

ACS requires approval of any advertisement incorporating the ACS logo. If using CP or CT logos for business cards, approval is not required providing ACS Brand Guidelines are followed. Our guidelines do not permit using the ACS shield logo by individuals for individual or business promotional use.

For information about ACS brand use, please contact memberservices@acs.org.au