Third Party Cyber Risk Assessor (TPCRA) Certification Examination & Training Bundle - 2 Day

Description

This Bundle includes the TPCRA Examination and 12 hours of specialized training, held virtually over Zoom. This is a 2-day training, held for 6 hours per day.

What is the TPCRA?

The TPCRA Certification is a specialized qualification designation that will:

• Confirm your understanding & skill in the assessment of third party cybersecurity controls and processes.
• Validate your competency in the creation, execution, & management of third party cyber risk assessments.
• Authenticate & add credibility to your expertise as a third party cyber risk assessor.

Evidence your proficiency with various cybersecurity & information technology assessment terms & techniques.

Who is the TPCRA For?

The TPCRA is the standard of achievement for those who assess, monitor, and review third party cybersecurity and information technology controls, as well as identify and mitigate risk related to said controls. Such roles may include, but are not limited to:

• Third Party Risk Management Practitioners
• Procurement Specialist
• Vendor Managers
• Auditors
• Information Security Professionals
• Privacy or Compliance Specialists
• Legal Professionals

Training

• Training provides you with 12 hours of in-depth discussion on the examination domains, hands-on experience designing and performing cyber assessments, as well as opportunities to perform mock interviews and run through physical validation scenarios.
• Training includes access to study and practice materials such as:
  • Student Training Manual
  • Training PowerPoint
  • Practice quizzes
  • Select educational videos
  • A variety of templates, including questionnaires, reports, and more
• Training is taught by a knowledgeable subject matter expert who has achieved the TPCRA Certification designation.
• Training is held live over Zoom during the designated days and times.
• OPTIONAL: Trainees may choose to purchase the book "Cybersecurity and Third-Party Risk: Third Party Threat Hunting" by Gregory Rasner to supplement their preparation needs.

Domains

Training and the exam cover the following domains:

1. Cybersecurity & Third Party Risk Management Basics
2. Pre-Contract Due Diligence
3. Continuous Monitoring
4. Physical Validation
5. Disengagement Due Diligence
6. Cloud Due Diligence
7. Reporting & Analytics
8. Practitioner Ethics

Examination Outline

• The examination is a 150-question, multiple-choice assessment. Questions will include a variety of formats, such as scenario-based, true or false, and choose the best response.
• The time limit is 3 hours for the examination process, broken out into the following:
  • 5 minutes to read and sign the NDA
  • 10 minutes to complete the optional tutorial
  • 160 minutes to complete the examination
  • 5 minutes to complete the post-exam survey
  • The examination is a closed-book assessment that will be monitored via an assigned proctor.

Passing Score

• You must receive an 80% or higher score to pass the TPCRA examination.

Exam Scheduling

• The examination will be taken in person at a PearsonVue testing facility.
• Examinations may be scheduled at a day/time that suits you via a PearsonVue location.
• PearsonVue offers over 5,000 test facilities worldwide and is ADA-compliant. If you have a special request for accommodations, please contact Julie Gaiaschi at julie@tprassociation.org.

Training

Learning Objectives

1. Cybersecurity & Third Party Risk Management Basics
2. Pre-Contract Due Diligence
3. Continuous Monitoring
4. Physical Validation
5. Disengagement Due Diligence
6. Cloud Due Diligence
7. Reporting & Analytics
8. Practitioner Ethics

Procedure

1. Enroll in the course. (Please ensure your name on the application exactly matches your ID, as you will need to present your ID to take the examination.)
2. Attend training.
3. TPRA will authorize you through PearsonVue.
4. PearsonVue will contact you via email to schedule your exam location & date.
5. Take your exam. (You must score 80% to pass. If you do not pass, you may retake the test.)
6. Submit Work Experience.
7. Once Work Experience and Exam Results are reviewed and approved, you will be notified of your certification status and receive your official designation.

Course Content