Third Party Cyber Risk Assessor (TPCRA) Certification Examination

Description

What is the TPCRA?

The TPCRA Certification is a specialized qualification designation which will:

• Confirm your understanding & skill in the assessment of third party cybersecurity controls and processes.
• Validate your competency in the creation, execution, & management of third party cyber risk assessments.
• Authenticate & add credibility to your expertise as a third party cyber risk assessor.

Evidence your proficiency with various cybersecurity & information technology assessment terms & techniques.

Who is the TPCRA For?

The TPCRA is the standard of achievement for those who assess, monitor, and review third party cybersecurity and information technology controls, as well as identify and mitigate risk related to said controls. Such roles may include, but are not limited to:

• Third Party Risk Management Practitioners
• Procurement Specialist
• Vendor Managers
• Auditors
• Information Security Professionals
• Privacy or Compliance Specialists
• Legal Professionals

Domains

1. Cybersecurity & Third Party Risk Management Basics
2. Pre-Contract Due Diligence
3. Continuous Monitoring
4. Physical Validation
5. Disengagement Due Diligence
6. Cloud Due Diligence
7. Reporting & Analytics
8. Practitioner Ethics

Examination Outline

• The examination is a 150-question, multiple-choice assessment. Questions will include a variety of formats, such as scenario-based, true or false, and choose the best response.
• The time limit is 3 hours for the examination process, broken out into the following:
• 5 minutes to read and sign the NDA
• 10 minutes to complete the optional tutorial
• 160 minutes to complete the examination
• 5 minutes to complete the post-exam survey
• The examination is a closed-book assessment that will be monitored via an assigned proctor.
  

Exam Scheduling

• The examination will be taken in person at a PearsonVue testing facility.
• Examinations may be scheduled at a day/time that suits you via a PearsonVue location.
• PearsonVue offers over 5,000 test facilities worldwide and is ADA-compliant. If you have a special request for accommodations, please contact Julie Gaiaschi at julie@tprassociation.org.

Learning Objectives

1. Cybersecurity & Third Party Risk Management Basics
2. Pre-Contract Due Diligence
3. Continuous Monitoring
4. Physical Validation
5. Disengagement Due Diligence
6. Cloud Due Diligence
7. Reporting & Analytics
8. Practitioner Ethics

Procedure

1. Enroll in the course. (Please ensure your name on the application exactly matches your ID, as you will need to present your ID to take the examination.)
2. TPRA will authorize you through PearsonVue.
3. PearsonVue will contact you via email to schedule your exam location & date.
4. Take your exam. (You must score 80% to pass. If you do not pass, you may retake the test.)
5. Submit Work Experience.
6. Once Work Experience and Exam Results are reviewed and approved, you will be notified of your certification status and receive your official designation.

Course Content