Only already "listed" teams can become accredited. Any registered team that is serious about it's service can gain accreditation. Accreditation is performed by the TI following a standardised process which takes between one and four months, depending on the current status and preparation as well as the feedback received during this process. A one-time accreditation fee (800 EUR, VAT might be charged) and an annual fee (1200 EUR, VAT might be charged) ensure the continuity of the TI services for the community.
To apply for accreditation every team needs to follow these steps:
- If a team is not yet listed, it must apply for registration first.
- To apply for accreditation, the team just needs to send a simple request to the TI team.
- The TI team will start the accreditation process by sending the so-called Appendix A to the potential candidate. This Appendix A shows the formal acceptance of the process by the team. The Invitation Package contains all the information needed to prepare for a successful completion of the accreditation.
- Within four weeks after becoming invited the formal acceptance of the process requirements need to be signed and then send by fax/e-mail and postal mail to the TI team. Once the Appendix A has been received, the formal status of the team will changed to "accreditation candidate" and the TI community will be notified accordingly.
- Starting from the recognition as candidate the team has three month to update the team data using the TI Self-Service outlining the required statements and information.
- The TI team will verify and assess all the information that have been put into the TI database by the candidate and may ask additional questions. This verification and feedback cycle usually takes one to four weeks on average, depending on the level of interaction. Please be advised that the successful verification of the candidate must be finalised within the available three months.
- Once the TI team has verified that the candidate has met all requirements, the status of the team is changed from "listed" to "accredited". The candidate as well as the TI community are formally notified thereof. With the new status the team gains access to the complete set of TI Services.
- If at any stage during this process the candidate does not meet the requirements or misses the deadlines, the invitation will expire or the accreditation process will fail. Any team can only be invited twice within twelve month.
Eight month after a team has been accredited, it can apply for TI Certification.
Related Materials
Materials for this process are:
- Invitation Package including appendices B to E (accreditation requirements and forms, definitions and background information, appendix A is send directly to the teams applying for accreditation).
In addition please refer to the information page about de-facto standards for incident response and security teams.