The Global Accredited Cybersecurity Education (ACE) Scheme


Global ACE Scheme

The Global Accredited Cybersecurity Education (ACE) Scheme is a holistic framework of cyber security professional certification that outlines the overall approach, independent assessments, impartiality of examinations, competencies of trainers, identification and classification of cyber security domains and the requirements of professional memberships.

The scheme is a large-scale systematic plan of actions to certify and recognise cyber security workforce. It is industry driven and vendor neutral, developed in collaboration with government agencies, industry partners and academia.

The establishment of the scheme is in tandem with international standards such as ISO/IEC 9000 on processes, ISO/IEC 17024 on certification of persons and ISO/IEC 27001 on security management, vital to:

  • Assure workforce capability and experience;
  • Secure and validate core skills, knowledge, attitude and experience; and
  • Assure trustworthiness, ethical conduct and responsibility

The Global ACE Scheme aimed at enhancing the skill-sets of cyber security workforce congruent with local and international requirements. Through the Global ACE Scheme Recognition Arrangement, permits mutual recognition of certified cyber security workforce across the country boundaries. It creates value for the cyber security industry and elevate the security-facet of participating countries.

 

Vision and Objectives

The vision is to create a critical mass of qualified and competent workforce with shareable expertise across the country boundaries.

The scheme has the following objectives:

  • To establish a professional certification programme that is recognized globally;
  • To provide cyber security professionals with the right knowledge, skills, attitude (KSA) and experience;
  • To promote the development of cyber security professional programmes globally; and
  • To ensure accredited personnel has been independently assessed and committed to a consistent and high quality service level

The Global ACE Scheme framework(Figure 1)

 

The heart of the Scheme is the framework that provides a standard base and means of acknowledging the “knowledge, skill and attitudes" for the workforce in the cyber security sector. The framework will be the base for impartial examinations and guideline for certifications. The framework encompassing two broad categories of domains (Figure 1) as below:

The “Cyber Security Technical Competencies” - related to technical skills and knowledge required by a professional to conduct its task as a certified professional. Domains are:

  1. Digital Forensics
  2. Incident handling and response
  3. Security Assurance
  4. Cryptography
  5. Governance
  6. Risk
  7. Compliance

The “Cyber Security Generic Competencies” - related to the necessary cyber security soft skill-sets in delivering service and consultation. Domains are:

  1. People skills domains:
    1. Leadership
    2. Mentoring & Coaching
    3. Diversity Management
    4. Communications
    5. Strategic Thinking
  2. Process skills domains:
    1. Change Management
    2. Organizational Management
    3. Information Management
    4. Financial Management
    5. Conflict Management
  3. Business acumen skills domains:
    1. Entrepreneurship
    2. ICT Literacy
    3. Customer Services
    4. Partnership & Coalition
    5. Innovation & Creation

 

Global ACE Scheme Recognition Arrangement allows for mutual recognition of certified cyber security professionals, which creates value for the cyber security industry and participating countries.