Training Bodies
The NCIIPC-QCI Scheme for accreditation of IT and ICS Training Bodies (TBs) is an initiative of the Government to develop a pool of specialist organisations that can help CSEs in training their workforce to handle the different dimensions of work related to the digital ecosystem. The TBs can also offer training services to individual professionals, who are desirous of enhancing their competencies and obtaining certifications.
The core objective of the Scheme is to put in place a robust system of oversight and due diligence to accredit bonafide TBs, with an assurance that they can impart high quality training to the organisation’s workforce and individual professionals.
Alignment with Domains
Training offered by the TBs to CSEs and individuals are aligned to the 19 domains of the CSEs that are defined under the Scheme and tabulated below. This alignment will help the CSEs to easily map the training objectives and outcomes to their domain requirements.
| . | Domain Type | Domain Title |
|---|---|---|
| 1 | Organisational | Governance, Risk and Compliance |
| 2 | Technical | Technology & System Security Architecture |
| 3 | Technical | Secure Software Development |
| 4 | Technical | Application Security Testing |
| 5 | Technical | Security Product Testing |
| 6 | Technical | Network Security Administration |
| 7 | Technical | System Security Administration |
| 8 | Technical | Applications & Data Security Administration |
| 9 | Technical | Security Support Services |
| 10 | Technical | Security Performance Management |
| 11 | Technical | ICS Cyber Security |
| 12 | Technical | ICS Cyber Risk Assessor |
| 13 | Technical | ICS Cybersecurity Design, & Implementation |
| 14 | Technical | ICS Cybersecurity Operations & Maintenance |
| 15 | Technical | Cyber Defence |
| 16 | Technical | Cyber Vulnerability, Threat & Risk Management |
| 17 | Technical | Security Operations |
| 18 | Technical | Cyber Forensics & Investigation |
| 19 | Organisational | Cyber Training & Awareness |
Scope of Training
Annexures 1A, 1B and 1C of the Scheme document provides a detailed view of the expected offering from the TBs. The details are given under the following heads:
- Domain
- Knowledge and Skill modules
- Number of days for training
- Training objectives
- Training outcomes
- Mode of delivery (online/ face-to-face/ hybrid)
Readers are advised to consult the Scheme documents for further details.
Accreditation of TBs
Accreditation Bodies (AB) are responsible for accreditation of TBs under the Scheme. During the accreditation process, the TB shall be attested for their capability, competence and level of expertise to provide training service as per the detailed scope of work/ services tabulated in the Scheme document.
The accreditation process requires the TB to demonstrate to the AB that their trainers have the required competency (knowledge, skills and advanced/ master level expertise) to deliver the training. The Scheme tabulates the knowledge and skill requirements for the trainers, which is derived from the Scheme for Cybersecurity Professionals.
The evidence of competency is usually demonstrated through global certifications and documented work experience of the trainers.
Once accredited, the TB can offer their training services as a whole package or parts of it, depending on the scope chosen and the services sought by the client.
Guidance
CSEs must leverage the robust mechanism of the NCIIPC-QCI Scheme to accredit skilled training bodies. The CSEs can hire TBs to train their composite workforce to handle portions of the work of conceptualisation, design, engineering, acquisition, operation and management of their digital infrastructure.
The Scheme documentation will also be useful to the internal training teams of organsiations. They can use the structure and content to devise their training packages just like the accredited TBs.