About the Certified Counter-Insider Threat Professional (CCITP) Program
CCITP Program History and Purpose
With the rise of classified information being released into the public domain and causing great damage to the interests and activities of U.S. and Allied forces across the world, the President of the United States signed Executive Order 13587 in 2011. The Executive Order created a mandate that every Executive Level Department and Agency have a Counter-Insider Threat (C-InT) Program capable of deterring, detecting and mitigating against actions by employees who present a threat to national security. The Executive Order also created the National Insider Threat Task Force (NITTF) as the Government-wide means for assisting Departments and Agencies as they develop and implement their own insider threat programs. Since the signing of the Executive Order, responses from the Executive Level Departments and Agencies across the U.S. Federal Government have varied. In 2017, the NITTF began partnering with the Office of the Under Secretary of Defense for Intelligence and Security (OUSD(I&S)) as part of an ongoing effort to bring all Departments and Agencies into compliance with the Executive Order as well as to standardize and professionalize the C-InT Workforce across the Federal Government.
On October 30, 2018, the OUSD(I&S), along with the NITTF, facilitated the first meeting of C-InT professionals from across the Federal Government to discuss the vision and scope of what would become the CCITP Program. This group would eventually evolve to become the CCITP-Governance Council (CCITP-GC). The goal of the CCITP-GC is to create a certification program that will establish workforce credibility, foster a professional identity, and catalyze professional development.
The CCITP Program is the first certification program within the U.S. Federal Government to be developed jointly by representatives from both the Department of Defense (DoD) and the broader U.S. Government (USG). Because of this joint effort, the scope and applicability of the CCITP Program is able to cut across all C-InT Programs within Departments and Agencies across the U.S. Federal Government. This effort was made possible by the partnership between the Under Secretary of Defense for Intelligence and Security (USD(I&S)) and the Director of the National Counterintelligence and Security Center (NCSC) (a senior agency who manages the NITTF and reports to the Office of the Director of National Intelligence (ODNI)). Together the USD(I&S) and the Director of NCSC serve as the joint conferral authorities for the CCITP Program.
Currently the CCITP Program offers two certifications:
- CCITP – Fundamentals (CCITP-F)
- CCITP – Analysis (CCITP-A)
The Counter-Insider Threat Professional Certification Program was developed with extensive input from the C-InT workforce, including from individuals working within the various Components of the Department of Defense and numerous other Federal departments and agencies. First, the program conducted a job task analysis to identify the C-InT Essential Body of Work (EBW) and C-InT Essential Body of Knowledge (EBK). The C-InT EBW reflects broad accountabilities (or functions) needed to ensure successful execution of the C-InT mission. The C-InT EBK reflects the knowledge needed to execute accountabilities specified in the C-InT EBW. Both the C-InT EBK and C-InT EBW leverage the Insider Threat Competency Resource Guide, published by the National Insider Threat Task Force in August 2017.
After gaining community concurrence with these products, the program executed the criterion-referenced test development (CRTD) process. This includes 1) leveraging community Subject Matter Experts (SMEs) to develop, review, and validate test questions; 2) compiling, formatting, and publishing test questions in pilot test forms; 3) recruiting C-InT workforce volunteers to take the pilot tests; 4) conducting a psychometric analysis to score each test, identify the best test questions, and generate final test forms; and 5) working with community SMEs to establish each test’s passing score.
Finally, after executing the CRTD process, the program engaged with community SMEs to establish the program’s certification requirements. This includes working with SMEs to establish the following certification requirements:
- Eligibility (i.e., Who can participate in the C-InT Certification Program?)
- Pre-requisites (i.e., What must candidates do prior to sitting for the exam?)
- Maintenance Cycle (i.e., How long is the certification valid?)
- Maintenance Requirements (i.e., What must individuals do to keep their certification valid?)
The CCITP-F Certification is designed to measure and assess whether an individual has the requisite knowledge and skills as annotated within the CCITP-F Essential Body of Knowledge (EBK) to perform the tasks outlined in the CCITP-F Essential Body of Work (EBW), as identified by the C-InT Community. The CCITP-F Certification was designed with a target population of those personnel working directly in a C-InT Program, however, because each program is unique and has different needs and constraints, the CCITP-F Certification is open to anyone who works within or is affiliated with a C-InT Program, as determined by each Program Manager.
The CCITP-A Certification is designed to measure and assess whether an individual has the requisite knowledge and skills as annotated within the CCITP-A Essential Body of Knowledge (EBK) to perform the tasks outlined in the CCITP-A Essential Body of Work (EBW), as identified by the C-InT Community. The CCITP-A Certification was designed with a target population of those personnel working directly in a C-InT Program and performing analysis functions; however, because each program is unique and has different needs and constraints, the CCITP-A Certification is open to anyone who works within a C-InT Program, as determined by each Program Manager.
The table below displays the exam and program statistics for CCITP-F and CCITP-A. These statistics are current as of February, 2020.
|Total Number of Attempts
|Total Number of Active Certificants
The Counter-Insider Threat Professional Certification Program is operated by the Counter-Insider Threat Certification Program Management Office (C-InT PMO) under the oversight of the Under Secretary of Defense for Intelligence. The C-InT PMO coordinates activities and execution of the program with the National Insider Threat Task Force (NITTF).