Cyber resilience
in entities of the
National Cybersecurity System

General Information
The certification program meets the requirements of the PN-EN ISO/IEC 17024 Conformity Assessment standard. General requirements for bodies certifying individuals.
Certification within this program is voluntary. NASK certification services are open to all individuals in a non-discriminatory manner.
NASK guarantees that certification activities are carried out impartially and has the resources necessary to conduct the certification process.
The owner of the certification program is NASK.
Who the Certification Program is Aimed At
The program is intended for individuals involved in managing entities within the National Cybersecurity System (KSC), particularly members of boards, managing directors, supervisory board members, general directors, and members of management bodies in public administration entities (e.g., heads of local government units).
Competencies of the Certified Individual
he certified individual has knowledge of formal and legal regulations at the national and European Union levels related to cybersecurity.
They possess the skills to supervise, coordinate, and implement tasks related to the security of telecommunication infrastructure, including identifying and responding to cybersecurity threats to KSC entities.
They know how to organize the incident reporting process, ensure the continuity of information and communication systems, and manage information security.
Additionally, the certified individual has knowledge of creating crisis communication strategies and is able to identify and verify information related to cybersecurity risks. They are familiar with methods and techniques for risk assessment.
The certified individual knows best practices for ensuring telecommunication security, how to implement them, and the possibilities for certifying products, processes, services, and personnel competencies in cybersecurity.
The obtained certificate will confirm their professional preparation to manage cybersecurity in entities subject to the National Cybersecurity System Act and the NIS2 Directive.
Prerequisites
  • higher education;
  • at least 5 years of employment based on an employment contract, appointment, election, nomination, cooperative employment contract, or provision of services under another agreement, or self-employment;
  • at least 2 years of managerial experience in a KSC entity (member of the board, supervisory board member, general director, head of a local government unit) or meeting the conditions set for auditors authorized to conduct security audits of information systems as specified in Article 15(2)(2)(a) in conjunction with paragraph 8 of the Act of July 5, 2018, on the National Cybersecurity System;
  • no conviction by a final court judgment for an intentional crime;
  • completion of training covering modules specified in the certification program.
Certification Process
The certification process includes the submission of an application by the individual seeking certification to the Certification Unit of NASK, a review of the application, an evaluation, the issuance of the certification decision, and supervision over the issued certificate.
Jednostka Certyfikująca NASK zapewnia równy, niedyskryminujący nikogo dostęp do certyfikacji kompetencji.
The Certification Unit ensures that it operates within the requirements of the PN-EN ISO/IEC 17024 standard, including that all decisions are free from any pressures that could compromise the objectivity of the certification process.
Pre-registration form for the certification exam

More information (download) Certification program: CYBERODPORNOŚĆ W PODMIOTACH KSC (PCO-ACE-CRL)

Training for management of entities within the National Cybersecurity System
For more information, please contact: standard@nask.pl