Regulations Register Certification of the Foundation SECO-Institute
1. Introduction
1.1 The Foundation Security & Continuity Institute (SECO-Institute) was established by notarial deed on February 4, 2011. The Foundation is registered in the foundations register of the Chamber of Commerce in Amsterdam under number 52012026.
1.2 The Foundation has set itself inter alia the goal to improve the quality of the security & continuity of systems and processes and to improve and protect the expertise and professionalism in terms of the security of persons and to protect everything that directly or indirectly is related or may be conducive thereto.
1.3 The Foundation wants to achieve the alleged goal by:
a) Establishing and maintaining one or more registers in which individuals as well as organisations may be registered when meeting the criteria at issue under b);
b) Establishing and if necessary, revise or add to the criteria on which registration is granted in the register;
c) On request evaluating the data provided by the applicants to the criteria as mentioned under b);
d) Based on the under c) mentioned evaluation, and subject to conditions to be determined, give authorisation for using the by the Foundation determined marking and possibly logo;
e) Providing information from a register to third parties interested.
1.4 The authority of the Board to adopt or to amend the regulations results from article 7 of the articles of the Foundation.
2. Goal
2.1 The goal of these regulations is to give further rules concerning the previous as far as it concerns the Register Certificating.
2.2 Het Register Certificating has the goal to provide the community a register in which qualified professionals and organisations can register and which can be consulted by interested parties.
3. Definition of terms
For the purposes of these regulations the following:
- the Foundation: de Foundation Security & Continuity Institute (SECO-Institute);
- the articles: the articles of the Foundation are established by notarial deed number 000150.01.HD on February 04, 2011;
- the Board: the Board of the Foundation consisting of representatives of the participating institutions and which in accordance with article 4 of the Articles of Association shall be appointed;
- participating institution: an organisation that awards vocational certificates in accordance with the rules in the regulations and this administers in the register;
- the regulations: the present regulations;
- the register: the Register Certifications;
- the candidate: referring to the natural person to which application for admission to the register concerns;
- the registered: the natural person who is admitted to the register;
- protecting: carrying out activities with the purpose to protect persons or property against deliberate human actions that may lead to loss;
- the applicant: a natural person who expressed the wish to obtain registration in the register
(1) for himself, or
(2) for a candidate, for which he/she is entitled as representative in this act; - authorised representative: a by the Board acknowledged and authorised person or institution that may submit admission applications on behalf of third parties;
- the application:
(1) the written expression of the applicant concerning the wish for admission to the register;
(2) the written request for information regarding registrants in the register; - the application form: the by the Foundation provided form for the purpose of making an application;
- a certificate of good conduct: the certificate as stated in the Law on Criminal Records and the Certificate of Good Conduct;
- a recognized educational institution: an education in the field of one of the participating institutions of which the Board, taking into consideration the contents, analytical depth and level of the education and the fact that the education in question is externally evaluated that its usefulness has been demonstrated in practice, has decided that it can serve as one of the conditions for admission to the registry.
- recognized position:
- a management and on policy-setting advising level position in the field of security. In this context management means: that the candidate manages that part of the organisation where he/she is working (like head of security, manager security etc.) to be at the discretion of the Board; or
- a policy-setting advising position in the field of security; or
- a policy-setting position in the field of security;
- for all the positions referred to above applies that from the established job description or otherwise that:
- the position primarily concerns security work, and
- for the position is at least a college education required or a higher professional work and thinking level;
- the register contribution: the financial contribution, which the registered has to pay annually to the Foundation concerning registration to the register or its renewal. The date of payment is depending on the date of registration.
the Committee: the committee compiled by the Board, whether or not on ad hoc basis, can among others give advice to the Board and handles appeal cases. Members of the Board are not part of the Committee.
4. Admission
4.1 To the register will be admitted the natural person and organisations who meet the conditions specified in the regulations and who have provided the Foundation with an application for admission as stated in these regulations.
4.2 Members of the Board are qualitate qua admitted to the register. Registration is free of charge and is upon request by the respective member.
5. Application for admission
5.1 Foundation, Practitioner and Expert exam candidates will receive their certification title automatically upon passing the exam. After one Year they will receive an email from the Foundation to extend their certification.
5.1 For Certified Officer certifications, the application for admission must be submitted in writing by an applicant and includes:
- submission of the completed and signed application form at the website.
- presentation of a certificate stating that the candidate completed a recognized education and has completed this successfully, i.e. having made, according to the educational institution, the examination or test of any kind with a sufficient result;
- for Certified Officer titles; submitting documentary evidence (CV) indicating that the candidate has sufficient working experience (minimum 3 years);
- for Certified Officer titles; submitting documentary evidence showing that the candidate has made a successful implementation in his field. This has to be supported by two references by means of a signed statement.
- a statement signed by the candidate, according to the model provided by the Foundation, in which he/she agrees to fulfil the obligations arising from this regulation and to abide by the Code of Conduct drawn up by the Foundation;
- a copy of a valid driving license or passport of the candidate;
- a passport photo of the candidate;
- the payment of the first registry contribution by the candidate.
5.3 The applicant shall submit first the under article 5 paragraph 2 mentioned documents to the Secretary of the Foundation before the procedure starts to evaluate whether one qualifies for the title.
5.4 The registry contribution has to be paid upfront to the Treasurer of the Foundation. SECO-Institute will send the invoice.
5.5 An application that does not meet the conditions mentioned in these regulations, is incomplete or if after examination seems to be incorrect at one or more components, will not be taken into consideration.
5.6 In case as defined in article 5.4. the applicant will be informed in writing that he/she has the opportunity to add and/or correct the given information and re-submit within a period of thirty days from the date stated in the written (e-mail) message. When SECO-INSTITUTE does not receive any addition or amendment, the application will be declared inadmissible.
5.7 If after addition and/or amendment the information provided still does not meet the conditions mentioned in this article and/or is incomplete, the application will be declared inadmissible. This applicant will be informed accordingly.
5.8 In case of providing incorrect data, the Board will decide that the application will not be processed. The applicant and the Committee will be notified accordingly in writing (e-mail). The applicant may, within fourteen days of the date of the written notification, lodge an appeal to the Secretary of the Foundation. The appeal will be examined by the Committee. If the Committee rejects the appeal based on conscious fraudulent intent (serious suspicions or evidence), for a period of ten years, starting from the date of the decision of the Committee, no application of the relevant person will be taken into consideration. The stated in article 7.8. is applicable to the appeal procedure.
5.9 In case an application is made by an applicant, who is found or it seems that he/she before the date of registration has unjustly used the authentication, the application, for a period of three years starting from the date SECO-INSTITUTE receives the application, will not be taken into consideration. In that case the procedure as stated in 5.7. and 7.8. will be uniformly applicable.
5.10 Declared inadmissible applications will be destroyed by SECO-INSTITUTE.
6. Recognized certifications
6.1 The Board shall determine which educational institution is recognized and accepted within the context of these regulations.
6.2 When adopting these rules, the following certifications have been recognized:
- Information Security Foundation (S-ISF)
- Information Security Practitioner (S-ISP)
- Information Security Management Expert (S-ISME)
- Certified Information Security Officer (S-CISO)
- IT-Security Foundation (S-ITSF)
- IT-Security Practitioner (S-ITSP)
- IT-Security Expert (S-ITSE)
- Certified IT-Security Expert (S-CITSO)
- Data Protection Foundation (S-DPF)
- Data Protection Practitioner (S-DPP)
- Data Protection Expert (S-DPP)
- Certified Data Protection Expert (S-CDPO)
- Ethical Hacking Foundation (S-EHF)
- Ethical Hacking Practitioner (S-EHP)
- Ethical Hacking Expert(S-EHE)
- Certified Ethical Hacking Leader (S-CEHL)
- Secure Programming Foundation (S-SPF)
- Secure Programming Practitioner (S-SPP)
- Secure Programming Expert (S-SPE)
- Certified Secure Programming Leader (S-CSPL)
- Business Continuity Foundation (S-BCF)
- Business Continuity Practitioner (S-BCP)
- Business Continuity Management Expert (S-BMCE)
- Certified Business Continuity Officer (S-CBO)
- Crisis Management Foundation (S-CMF)
- Crisis Management Practitioner (S-CMP)
- Crisis Management Expert (S-CME)
- Certified Crisis Management Officer (S-CCMO)
- Darkweb Foundation (S-DWF)
7. Decision of the admission or non-admission
8.1 The Board decides, on the grounds of the by the applicant provided information and other information made available, whether or not to admit the applicant to the register.
8.2 The applicant will be informed in writing of the outcome of the decision of the Board. A negative decision is reasoned.
8.3 In case the Board rejects the application, the applicant can counteract with a written appeal within two weeks after the date stated on the written rejection.
8.4 The appeal will be examined by the Committee.
8.5 The Committee shall rule on the appeal, within three months of receipt.
8.6 The applicant will be informed in writing of the Committee’s decision.
8.7 Submitting an appeal obliges the applicant tacitly to accept the decision of the Committee and refrain from any further action at law or otherwise.
8.8 The applicant must contribute to the costs of the handling of the appeal. The amount of the contribution is determined by the Board.
8. Registration in the register
8.1 After the Board has decided that the applicant may be admitted to the register, the Secretary will proceed to enrolment if the registry fee for the first year is paid. The date of receipt of the registry contribution is the admission date to the register.
8.2 The registry contribution must be paid in advance to the treasurer of the Foundation.
8.3 The height of the registry contribution is determined annually by the Board and published on its website.
9. Duration of registration
9.1 The registration is valid for a period of three years, provided that the registered pays each year in due time the registry contribution and meets the required Permanent Education.
9.2 After a period of three years, the Board may decide reconsideration of the registration. When not decided to do so, the registration will be tacitly renewed for three years.
9.3 For the purpose of reconsideration, the registered should submit to the Secretary the following documents:
a) A statement of the Continuing Education Points and a proof of how these were obtained;
9.4 After verification and approval of the in the Article 9.3. mentioned documents, the registration will be renewed for a period of three years.
9.5 In case one or more documents mentioned in article 9.3. are not, not in due time or incomplete submitted or completed, the appeal procedure as stated in chapter 7 is uniformly applicable.
10. Termination or suspension of the registration or a request to do so
10.1 The registered may at any time request to terminate the registration.
10.2 The registration ends with the death of the registered.
10.3 The Board may decide to terminate or to suspend a registration when to the opinion of the Board, the registered harms or threatens to harm the interest of the Foundation, does not follow the Code of Conduct, the rules on how to use the title, or if occurring circumstances in respect of the registered that the interests of the Foundation may be affected. In that case the appeal procedure as stated in chapter 7 is uniformly applicable.
10.4 The registration will be terminated when the registry contribution is not paid in due time. During the current calendar year reregistration can take place after payment of the registry contribution and the costs of reregistration. On expiry of that period, reregistration can be done by making an entirely new application for registration, which will be evaluated against the prevailing admission requirements.
10.5 If it subsequently appears that a registration or renewal was partly based on the registered by incorrect information, the Board may decide to terminate the registration. In that case the procedure as stated in article 5.7 will be uniformly applicable.
10.6 If it appears that the registered has used the relevant authentication without the permission of SECO-INSTITUTE before the registration date, then the registration will be suspended for a period of three years. In that case the procedure as stated in 5.7. and 7.8. will be uniformly applicable.
10.7 Only in the event of death of the registered, a refund of the registry contribution can take place upon request.
11. Rights of the registered
11.1 The registered has the right to a written proof of his entry to the register.
11.2 The registered has, during the period he is registered in the register, the right to use the authentication by putting this behind his name indicating the fact that he is registered as Register Certification.
The stipulations in the Regulations and Application form (Declaration use of title) concerning the use and supervision of the authentication are applicable.
The authentication takes legal protection under the Uniform Benelux Law on Marks.
11.3 The registered has the right to require from the Foundation to provide third parties proof of his registration. The costs are € 20,- per request.
11.4 None of the aforementioned rights can be transferred to any third party by the registered, irrespective of the title.
12. Obligations of the registered
12.1 The registered is obliged to report changes in the information given by him to the Foundation within two weeks. If the Foundation considers it necessary, it may request additional information from the registered. In case the registered does not provide the requested information after repeated request, follows suspension of registration. If after a period of thirty days the requested information has not been received, follows deregistration.
12.2 The registered is obliged to use in an appropriate manner the rights as stated in chapter 11 and the regulations concerning the use and supervision on the received authentication and furthermore do nothing that could harm the interest of the Foundation or other recognized educational institution, a goal pursued by them as specified in the relevant articles, or persons registered in the register.
12.3 The registered is obliged to report to the Foundation if it appears to his/her opinion or if he/she suspects that an unregistered is using one of the authentications.
12.4 The registered is obliged to report to the Foundation if it appears to him/her that a registered is using the authentication unworthy.
12.5 The registered needs to ensure that the annual registry contribution is paid in due time.
12.6 The registered is obliged to act accordingly the SECO-INSTITUTE Code of Conduct.
13. Providing data from the registry
13.1 The Foundation has the right to provide the following data from the registry of the registered to third parties: name, first name(s), date and place of birth, private address, company or employer name and address, telephone and/or telefax numbers and title and date of registration.
13.2 In principle, date of birth and place of birth, home address and / or phone number(s) will not be provided to third parties, only upon written (email) consent of the registered.
13.3 A disclosure to third parties shall be registered by the Foundation. A registered shall be notified once per calendar month to whom data were provided.
14. Final remarks
14.1 The Foundation may modify at any time these regulations without having to notify the registrants.
14.2 Registrants are not entitled to any compensation for any damage, which may arise from or as a result of a decision to amend these rules or may occur.
14.3 The Board decides on all matters relating to the register on which these regulations are inconclusive or may decide in derogation thereof. There is no appeal possible against such decision.
14.4 These regulations were adopted by the Board on September 8, 2016 and is effective of immediately.