SCA Architect

Certified SCA Architect (CSCAA) Testing Process 

As a software architect, are you able to legitimately demonstrate Secure Software Development Practices (SSDP) expertise? The Certified SCA Architect (CSCAA) is an individual certification that is intended to provide you with objective evidence of your SSDP skills to employers, clients and other stakeholders that rely on your architect and maintain secure applications and systems.

​The Certified SCA Architect (CSCAA) certification leverage an online platform to test applicants on subject matter expertise that awards the applicant with a certification upon successfully passing a knowledge exam. 

Certified SCA Architect (CSCAA)

• Cost: $500.00 (USD)
• Format: Computer Based Training (CBT) with a closed book, online knowledge exam
• # Questions: One Hundred (100)
• Pass Criteria: Seventy-Five Percent (75%)
• Certification Validity: Three (3) years
• Scope: SCA Body of Knowledge (SCA BoK) (general, practitioner and architect-specific material)
• URL: https://training.securecontrolsframework.com/products/courses/sca-architect

We want you to be successful, so we compiled a list of example questions that you could expect to see on either the CSCAP and/or CSCAA certification exams. These example questions so that you can get familiarity and gain confidence in your path towards certification!

The SCA BoK is a summarized version of these industry-recognized secure practices that provides expectations for knowledge / competency associated with the Certified SCA Practitioner (CSCAP) and Certified SCA Architect (CSCAA) roles. The SCA BoK is a free resource to download:  

Need Help Justifying The Cost To Get Certified As A SCA Architect? This Should Help!

Please feel free to use the following text as a template you can edit to help justify the expense to your boss/supervisor to earn your certification:

​As a professional software architect, who is dedicated to adhering to industry-recognized secure development practices to both protect our organization and implement expected compliance requirements, please consider my proposal to earn a Certified SCA Architect (CSCAA) certification through the Secure Code Alliance (SCA).

CSCAA certification is focused on demonstrating professional competence with Secure Software Development Practices (SSDP). In addition to our requirements from [NIST SP 800-53 / NIST SP 800-171 / CMMC / PCI DSS v4 / CIS v8 / ISO 27002] to perform secure coding practices, the mandates from Executive Order (EO) 14028 for software security requirements within the US Government’s supply chain affect organizations like ours. We will need to demonstrate SSDP throughout the software lifecycle and be able to document how we:

• • Reduce the number of vulnerabilities in released software;
  • Reduce the potential impact of the exploitation of undetected or unaddressed vulnerabilities; and
  • Address the root causes of vulnerabilities to prevent recurrences. 

​The CSCAA certification is specifically curated towards software providers that need a practical approach to demonstrate:

• • Its personnel are appropriately addressing security threats; and
  • The organization invests in the culture of cybersecurity and privacy.

​There is no cost for travel since this is all computer-based training and testing. The cost for certification is $500 for CSCAA and that is valid for a period of three years. My certification is a smart investment of time and resources that will deliver real value to our organization. Thank you for your consideration.