What should be paid attention to in CCRC certification?

Requirements for CCRC information security service's qualification application: The project type carried out by the applicant is IT-related, with suitable office space, good financial status and credit level, certain service personnel, basic management system and effective operation, which can provide support and guarantee for the safety service process of the organization.

The processing conditions of CCRC certification are divided into three levels:

(1) Independent legal person, the company has been established for not less than 6 months;

(2) Social security is not less than 10; Among them, no less than 1 person has graduated from undergraduate course for about 6 years (preferably majoring in computer science):

(3) Project requirements: The applicant company shall provide at least 65,438+0 project contracts signed and completed by the counterpart in the last three years, and provide acceptance reports, invoices and bank receipts of the projects;

(4) Scope of business license: the scope corresponding to the application direction. If you apply for software security development, you must use the words "software development", security integration must use the words "integration", and security operation and maintenance must use the words "operation and maintenance service or computer technology service".

The second level:

(1) Independent legal person, the company has been established for not less than 3 years or has obtained Grade III for not less than 1 year;

(2) No less than 25 social security workers: among them, no less than 1 person who has graduated from undergraduate courses for about 6 years (preferably majoring in computer science);

(3) Project requirements: For the initial application, the applicant company shall provide at least six project contracts signed and completed by the corresponding parties in the last three years, as well as acceptance reports, invoices and bank receipts of the corresponding projects; For the supervision application, the applicant company shall provide at least two project contracts signed and completed in the last 65,438+0 years, and provide the acceptance reports, invoices and bank receipts of the corresponding projects:

(4) Have relevant technical tools. (such as operation and maintenance tools, vulnerability scanning tools, configuration management tools, etc.). );

(5) Obtain ISO900 1, ISO2700 1 or ISO20000 certificate; (or provide a complete set of management system documents of 900 1, 2700 1 or 20000):

(6) Scope of business license: the scope corresponding to the application direction. If you apply for software security development, you must use the words "software development", security integration must use the words "integration", and security operation and maintenance must use the words "operation and maintenance service or computer technology service".