CIS Controls Accreditation

CIS Controls accreditation offers CIS SecureSuite Members the ability to provide CIS Critical Security Controls implementation, auditing, and/or assessment with the assurance that they have met the consistent and rigorous standards of CREST certification. This program offers service providers a “stamp of approval” at the organization level, assuring that their customers can feel confident that they are doing business with a reputable and reliable CIS Controls assessment organization.

Benefits of CIS Controls Accreditation

For Member Organizations

  • Provide your customers with the assurance that your organization has met CIS standards for CIS Controls assessment

  • Enjoy the added visibility of having your organization listed on the CIS website as a CIS Controls Accredited organization

  • Market and sell your services with the CIS Controls Accredited badge

For Customers

  • Be confident that you are engaging with qualified service providers to assess and improve your cybersecurity posture through a CIS Controls-accredited organization

CIS Controls Accreditation Eligibility

CIS SecureSuite Membership is required to apply for this accreditation. The following CIS SecureSuite Member types are eligible and can start the application process by completing the CREST contact form.

  • CIS SecureSuite Product Vendor Members

  • CIS SecureSuite Consulting and Services Members

  • CIS SecureSuite Controls Members

CREST membership is not required.

Application Fee

$1,500 USD for CREST members

$2,500 USD for non-CREST members

Applying for CIS Controls Accreditation

Complete the contact form to begin the application and get access to the CREST application portal.

The CREST application portal will automatically assign tasks based on the custom fields the applicant has selected.

The application form is split into several tasks. These tasks can be completed concurrently and by separate individuals.

  1. Company Application Form - This form contains company information such as organization details, insurance, membership subscription, contact details, and policies and procedures.
  2. CIS Controls Accreditation Application Form - Assesses the competence and experience of the organization to deliver services. It details a set of expectations and standards of behavior for organizations conducting work under this program.
  3. Qualified Individuals - This task captures and records the details of the individual(s) who will be performing assessments on behalf of the organization.
  • This process assures that the organization is reputable, adheres to the code of conduct, and has a robust process for training staff to perform implementation/audit/assessments of CIS Controls.
  • Applicants will be required to provide the name, contact details, and qualification of the individual(s) listed. The task will also include an upload function to provide documented evidence of attainment.

CIS Controls Accreditation Approval

The organization must successfully complete the CREST assessment. You may market and sell your services with the CIS Controls Accredited badge only after your organization has been awarded CIS Controls accreditation. The badge will be provided to you at that time. 

CIS SecureSuite Membership logo  
Ready to enroll?
Arrow Apply for CIS SecureSuite Membership
Have questions about membership?
Arrow Contact us