Only already listed teams can become accredited. Any registered team that is serious about it's service can gain accreditation. Accreditation is performed by the TI following a standardised process which takes between one and four months, depending on the current status and preparation as well as the feedback received during this process. A one-time accreditation fee (800 EUR, VAT might be charged) and an annual fee (1200 EUR, VAT might be charged) ensure the continuity of the TI services for the community.

To apply for accreditation every team needs to follow these steps:

  1. An accreditation candidate must be "listed". If a team is not yet listed, it must apply for registration first.
  2. To apply for accreditation, the team just needs to send a simple request to the TI team.
  3. The TI team will start the accreditation process by sending a formal "invitation package" to the potential candidate. This package contains all the materials needed to prepare for a successful completion of the accreditation.
  4. Within four weeks the formal acceptance of the process requirements need to be signed and then send by fax and postal mail to the TI team. Once the letter has been received, the formal status of the team will changed to "accreditation candidate" and the TI community will be notified accordingly.
  5. Starting from the recognition as candidate the team has three month to submit a completed set of documents outlining the required statements and materials.
  6. The TI team will verify and assess all the materials that have been send by the candidate and may ask additional questions. This verification and feedback cycle usually takes one to four weeks on average, depending on the level of interaction. Please be advised that the successful verification of the candidate must be finalised within the available three months.
  7. Once the TI team has verified that the candidate has met all requirements, the status of the team is changed from "listed" to "accredited". The candidate as well as the TI community are formally notified thereof. With the new status the team gains access to the complete set of TI Services.
  8. If at any stage during this process the candidate does not meet the requirements or misses the deadlines, the invitation will expire or the accreditation process will fail. Any team can only be invited twice within any given period of one year.

Once a team has been accreditedit can apply for TI Certification.

Related Materials

Useful materials for this process are:

  • Example of an invitation package including appendices A to E (accreditation requirements and forms, definitions and background information)
  • RFC-2350 (support is obligatory): Internationally established fill-out form for CERTs to basically state who they are and who they serve, when and how they can be reached, what their services are and how they handle and disclose information with due care. Filling out and publishing RFC-2350 is a MUST for TI Accredited CERTs since May 2009.
  • Information Sharing Traffic Light Protocol (Version 1.1, support is obligatory): Started in the community of governmental and national CERTs, this highly pragmatical set of rules for information sharing has been adopted as de facto standard by the European security and incident response community in 2009 - and to honour this is now a MUST for TI Accredited teams.
  • CSIRT Code of Practice (Version 2.1, recommended to use, support is not obligatory): This Code of Practice for CERTs and security teams was adopted by the TI Accredited CERTs as recommendation in 2005. This is a first step towards making professional ethics explicit in the TI community, and as such a step in increasing a team's maturity.