SCA Practitioner

Certified SCA Practitioner (CSCAP) Testing Process 

As a software developer, are you able to legitimately demonstrate Secure Software Development Practices (SSDP) expertise? Th Certified SCA Practitioner (CSCAP) is an individual certification that is intended to provide you with objective evidence of your SSDP skills to employers, clients and other stakeholders that rely on your build and maintain secure applications and systems.

​The Certified SCA Practitioner (CSCAP) certification leverage an online platform to test applicants on subject matter expertise that awards the applicant with a certification upon successfully passing a knowledge exam. 

Certified SCA Practitioner (CSCAP)

• Cost: $350.00 (USD)
• Format: Computer Based Training (CBT) with a closed book, online knowledge exam
• # Questions: One Hundred (100)
• Pass Criteria: Seventy Percent (70%)
• Certification Validity: Three (3) years
• Scope: SCA-BoK (general & practitioner-specific material)
• URL: https://training.securecontrolsframework.com/products/courses/sca-practitioner

We want you to be successful, so we compiled a list of example questions that you could expect to see on either the CSCAP and/or CSCAA certification exams. These example questions so that you can get familiarity and gain confidence in your path towards certification!

The SCA BoK is a summarized version of these industry-recognized secure practices that provides expectations for knowledge / competency associated with the Certified SCA Practitioner (CSCAP) and Certified SCA Architect (CSCAA) roles. The SCA BoK is a free resource to download: 

Need Help Justifying The Cost To Get Certified As A SCA Practitioner? This Should Help!

Please feel free to use the following text as a template you can edit to help justify the expense to your boss/supervisor to earn your certification:

​As a professional developer, who is dedicated to adhering to industry-recognized secure development practices to both protect our organization and implement expected compliance requirements, please consider my proposal to earn a Certified SCA Practitioner (CSCAP) certification through the Secure Code Alliance (SCA).

CSCAP certification is focused on demonstrating professional competence with Secure Software Development Practices (SSDP). In addition to our requirements from [NIST SP 800-53 / NIST SP 800-171 / CMMC / PCI DSS v4 / CIS v8 / ISO 27002] to perform secure coding practices, the mandates from Executive Order (EO) 14028 for software security requirements within the US Government’s supply chain affect organizations like ours. We will need to demonstrate SSDP throughout the software lifecycle and be able to document how we:

• • Reduce the number of vulnerabilities in released software;
  • Reduce the potential impact of the exploitation of undetected or unaddressed vulnerabilities; and
  • Address the root causes of vulnerabilities to prevent recurrences. 

​The CSCAP certification is specifically curated towards software providers that need a practical approach to demonstrate:

• • Its personnel are appropriately addressing security threats; and
  • The organization invests in the culture of cybersecurity and privacy.

​There is no cost for travel since this is all computer-based training and testing. The cost for certification is $350 for CSCAP  and that is valid for a period of three years. My certification is a smart investment of time and resources that will deliver real value to our organization. Thank you for your consideration.