WIXLIB

CPP, PCI, PSP, and APP Exams2022Eligibility RequirementsCPP Exam Eligibility RequirementsThose who earn the CPP are ASIS Board Certified in security management. This credential providesdemonstrable proof of knowledge and management skills in several key domains of security. CPPcandidates must meet the following requirements:a. Seven years of security work experience, with at least three of those years in responsible charge of asecurity function*-orb. A bachelor’s degree or higher and five years of security work experience, with at least three of thoseyears in responsible charge of a security function*PCI Exam Eligibility RequirementsThose who earn the PCI are ASIS Board Certified in investigations. This credential provides demonstrableproof of an individual’s knowledge and experience in case management, evidence collection, and preparationof reports and testimony to substantiate findings. PCI candidates must meet the following requirements:Three to five years of experience depending on level of education completed. Experience must include at least two years of case management**PSP Exam Eligibility RequirementsThose who earn the PSP are ASIS Board Certified in physical security. This credential provides demonstrableknowledge and experience in threat assessment and risk analysis; integrated physical security systems;and the appropriate identification, implementation, and ongoing evaluation of security measures. PSPcandidates must meet the following requirements:Three to five years of experience depending on level of education completed.*“Responsible charge” means that the applicant has the authority to make independent decisions and take independent actions to determineoperational methodology and manage execution of a security-related project or process. This definition does not require the individual tosupervise others and generally excludes such positions as patrol officer or the equivalent.**“Investigation” is the logical collection of information through inquiry and examination for the purpose of developing evidence leading to problemresolution. “Case management” is the coordination and direction of an investigation utilizing various disciplines and resources, the findings ofwhich would be assessed to establish the facts/findings of the investigation as a whole; the management process of investigation.Copyright ASIS International · January 2021 Page 3

CPP, PCI, PSP, and APP Exams2022APP Exam Eligibility RequirementsThe Associate Protection Professional (APP) designation is intended for those with one to three years ofsecurity management experience. The exam will measure the professional’s knowledge of security management fundamentals, business operations, risk management, and response management. The candidateneeds a combination of experience and education to apply for the APP.Security Management ExperienceEducationOne yearMaster’s degree (or internationalequivalent)Two yearsBachelor’s degree(or international equivalent)Three yearsNo higher education degreeFor complete information on application policies, visit the ASIS International website’s Certification section(asisonline.org) or email: certification@asisonline.org.Creating a Study PlanSelf-Assessment for CPP, PCI, PSP, and APP Exams provides assistance for all types of learners withvarying resources for study. Candidates should determine the best study tools and method for their success.What should you expect? Page 4 Start early Plan on more than 250 study hours in a six- to eight-month period. There is direct correlation to passing the exam and the time spent studying.Schedule time to study Study as if the designation is a job requirement. Studying is an obligation. Put time aside each week as part of your regular schedule. Set responsible blocks of time—two to three hours.Copyright ASIS International · January 2021

CPP, PCI, PSP, and APP Exams2022The strongest predictor of success is study time. Putting in the hours makes a difference. Pass rates increase significantly for those putting in 250 hours. However, those candidates studying more than 360hours have a lower pass rate. Knowing what to study and knowing what to review will determine success.An exam consists of multiple-choice questions covering tasks, knowledge, and skills in the domains identifiedby CPPs, PCIs, PSPs, and APPs as the major areas involved in security management, investigations andcase management, or physical security. Candidates are encouraged to refer to the references or their readingmaterials as they prepare for the exam. After carefully reviewing the domains of study and identifyingindividual learning needs, candidates may use additional references and study opportunities as necessary.Conduct a Self-AssessmentAny educator or security professional will tell you that it is important to do an assessment before you tryto design an effective study plan. Self-assessments are nothing more than understanding what you knowversus what you do not know. It does not require a formal evaluation. Without the assessment, how do youknow what topics you need to study?An assessment at the start will save you time, and it gives you a study map toward succeeding. Make effective use of your time by studying areas of weakness. Review areas of strength, but do not over analyze familiar content, because it will waste valued time.Remember, the domains, tasks, and knowledge statements found on each exam are developed by securitymanagers working in the field. These are considered best practices by your peers but may differ from howyou conduct security-related business in your own organization.An Assessment ToolASIS has constructed the following Self-Assessment tool using the current exam content as the elementswithin the assessment tool. For those with interest in the CPP, the self-assessment begins on page 6. ThePCI assessment starts on page 15. The PSP assessment begins on page 19. The APP assessment beginson page 24.Consider each task and knowledge statement in the assessment for your depth of understanding of thesubject. Score your knowledge of each task on a 1-to-5 scale, with 1 “I do not know what this task is” to 5“I can clearly explain the task to someone else.” The low scores are the tasks and domains that you shouldstudy thoroughly.Copyright ASIS International · January 2021 Page 5

CPP, PCI, PSP, and APP Exams2022Self-Assessment Tool for Creating a Study PlanRate Understanding1234Domains and Tasks of the5CPP Certification ExamI. Security Principles and Practices (22%)Task 1.Plan, develop, implement, and manage the organization’s securityprogram to protect the organization’s assets.Knowledge of:1.Principles of planning, organization, and control2.Security theory, techniques, and processes (e.g., artificial intelligence,IoT)3.Security industry standards (e.g., ASIS/ISO)4.Continuous assessment and improvement processes5.Cross-functional organizational collaboration6.Enterprise Security Risk Management (ESRM)Task 2.Develop, manage, or conduct the security risk assessment process.Knowledge of:1.Quantitative and qualitative risk assessments2.Vulnerability, threat, and impact assessments3.Potential security threats (e.g., “all hazards,” criminal activity, terrorism,consequential)Task 3.Evaluate methods to improve the security program on a continuousbasis through the use of auditing, review, and assessment.Knowledge of:1.Cost-benefit analysis methods2.Risk management strategies (e.g., avoid, assume/accept, transfer,spread)3.Risk mitigation techniques (e.g., technology, personnel, process, facilitydesign)4.Data collection and trend analysis techniquesTask 4.Develop and manage professional relationships with externalorganizations to achieve security objectives.Knowledge of:Page 6 1.Roles and responsibilities of external organization and agencies2.Methods for creating effective working relationships3.Techniques and protocols of liaison4.Local and national public/private partnershipsCopyright ASIS International · January 2021Track ProgressHours ofStudyDate StudyComplete

CPP, PCI, PSP, and APP ExamsRate Understanding1234Domains and Tasks of the5CPP Certification ExamTask 5.2022Track ProgressHours ofStudyDate StudyCompleteDevelop, implement, and manage workforce security awarenessprograms to achieve organizational goals and objectives.Knowledge of:1.Training methodologies2.Communication strategies, techniques, and methods3.Awareness program objectives and program metrics4.Elements of a security awareness program (e.g., roles andresponsibilities, physical risk, communication risk, privacy)II. Business Principles and Practices (15%)Task 1.Develop and manage budgets and financial controls to achieve fiscalresponsibility.Knowledge of:1.Principles of management accounting, control, audits, and fiduciaryresponsibility2.Business finance principles and financial reporting3.Return on Investment (ROI) analysis4.The lifecycle for budget planning purposesTask 2.Develop, implement, and manage policies, procedures, plans, anddirectives to achieve organizational objectives.Knowledge of:1.Principles and techniques of policy/procedures development2.Communication strategies, methods, and techniques3.Training strategies, methods, and techniques4.Cross-functional collaboration5.Relevant laws and regulationsTask 3.Develop procedures/techniques to measure and improveorganizational productivity.Knowledge of:1.Techniques for quantifying productivity/metrics/key performanceindicators (KPI)Copyright ASIS International · January 2021 Page 7

CPP, PCI, PSP, and APP Exams2022Rate Understanding1234Domains and Tasks of the5CPP Certification Exam2.Data analysis techniques and cost-benefit analysis3.Improvement techniques (e.g., pilot/beta testing programs, education,training)Task 4.Develop, implement, and manage security staffing processes andpersonnel development programs in order to achieve organizationalobjectives.Knowledge of:1.Interview techniques for staffing2.Candidate selection and evaluation techniques3.Job analysis processes4.Pre-employment background screening5.Principles of performance evaluations, 360 reviews, and coaching/mentoring6.Interpersonal and feedback techniques7.Training strategies, methodologies, and resources8.Retention strategies and methodologies9.Talent management and succession planningTask 5.Monitor and ensure an acceptable ethical climate in accordance withregulatory requirements and organizational culture.Knowledge of:1.Governance standards2.Guidelines for individual and corporate behavior3.Generally accepted ethical principles4.Confidential information protection techniques and methods5.Legal and regulatory complianceTask 6.Develop performance requirements and contractual terms for securityvendors/suppliers.Knowledge of:Page 8 1.Key concepts in the preparation of requests for proposals and bidreviews/evaluation2.Service Level Agreement (SLA) terms, metrics, and reporting3.Contract law, indemnification, and liability insurance principles4.Monitoring processes to ensure that organizational needs andcontractual requirements are being metCopyright ASIS International · January 2021Track ProgressHours ofStudyDateStudyComplete

CPP, PCI, PSP, and APP ExamsRate Understanding1234Domains and Tasks of the5CPP Certification Exam2022Track ProgressHours ofStudyDateStudyCompleteIII. Investigations (9%)Task 1.Identify, develop, implement, and manage investigative operations.Knowledge of:1.Principles and techniques of policy and procedure development2.Organizational objectives and cross-functional collaboration3.Types of investigations (e.g., incident, misconduct, compliance duediligence)4.Internal and external resources to support investigative functions5.Report preparation for internal/external purposes and legal proceedings6.Laws pertaining to developing and managing investigative programsTask 2.Manage or conduct the collection, preservation, and disposition ofevidence to support investigative actions.Knowledge of:1.Protection/preservation of crime scene2.Evidence collection techniques3.Requirements of chain of custody4.Methods for preservation/disposition of evidence5.Laws pertaining to the collection, preservation, and disposition ofevidenceTask 3.Manage or conduct surveillance processes.Knowledge of:1.Surveillance and counter-intelligence techniques2.Technology/equipment and human resources (e.g., Unmanned AircraftSystems (UAS), robotics)3.Laws pertaining to managing surveillance processesTask 4.Manage and conduct investigations requiring specialized tools,techniques, and resources.Knowledge of:1.Financial and fraud related crimes2.Intellectual property and espionage crimes3.Crimes against property (e.g., arson, vandalism, theft, sabotage)4.Cybercrimes (e.g., distributed denial of service (DDoS), phishing,ransomware)Copyright ASIS International · January 2021 Page 9

CPP, PCI, PSP, and APP Exams2022Rate Understanding1234Domains and Tasks of the5CPP Certification Exam5.Crimes against persons (e.g., workplace violence, human trafficking,harassment)Task 5.Manage or conduct investigative interviews.Knowledge of:1.Interview and interrogation techniques2.Techniques for detecting deception3.Non-verbal communication and cultural considerations4.Rights of interviewees5.Required components of written statements6.Legal considerations pertaining to managing investigative interviewsTask 6.Provide support to legal counsel in actual or potential criminal or civilproceedings.Knowledge of:1.Statutes, regulations, and case law governing or affecting the securityindustry and the protection of people, property, and information2.Criminal law and procedures3.Civil law and procedures4.Employment law (e.g., confidential information, wrongful termination,discrimination, harassment)IV. Personnel Security (11%)Task 1.Develop, implement, and manage background investigation processesfor hiring, promotion, and retention of individuals.Knowledge of:1.Background investigations and personnel screening techniques2.Quality and types of information sources (e.g., open source, socialmedia, government databases, credit reports)3.Screening policies and guidelines4.Laws and regulations pertaining to personnel screeningTask 2.Develop, implement, manage, and evaluate policies and proceduresto protect individuals in the workplace against human threats (e.g.,harassment, violence, active assailant).Knowledge of:Page 10 1.Protection techniques and methods2.Threat assessment3.Prevention, intervention, and response tactics4.Educational and awareness program design and implementationCopyright ASIS International · January 2021Track ProgressHours ofStudyDate StudyComplete

CPP, PCI, PSP, and APP ExamsRate Understanding1234Domains and Tasks of the5CPP Certification Exam5.Travel security (e.g., flight planning, global threats, consulate services,route selection, contingency planning)6.Industry/labor regulations and applicable laws7.Organizational efforts to reduce employee substance abuse2022Track ProgressHours ofStudyDate StudyCompleteTask 3.Develop, implement, and manage executive protection programs.Knowledge of:1.Executive protection techniques and methods2.Threat analysis3.Liaison and resource management techniques4.Selection, costs, and effectiveness of proprietary and contract executiveprotection personnelV. Physical Security (16%)Task 1.Conduct facility surveys to determine the current status of physicalsecurity.Knowledge of:1.Security protection equipment and personnel (e.g., Unmanned AircraftSystems (UAS), robotics)2.Survey techniques (e.g., document review, checklist, onsite visit,stakeholder interviews)3.Building plans, drawings, and schematics4.Risk assessment techniques5.Gap analysisTask 2.Select, implement, and manage physical security strategies tomitigate security risks.Knowledge of:1.Fundamentals of security system design2.Countermeasures (e.g., policies, technology, procedures)3.Budgetary projection development process (e.g., technology, hardware,labor)4.Bid package development and evaluation process5.Vendor qualification and selection process6.Testing procedures and final acceptance (e.g., commissioning, factoryacceptance test)7.Project management techniques8.Cost-benefit analysis techniques9.Labor-technology relationshipCopyright ASIS International · January 2021 Page 11

CPP, PCI, PSP, and APP Exams2022Rate Understanding1234Domains and Tasks of theCPP Certification Exam5Task 3.Assess the effectiveness of the security measures by testing andmonitoring.Knowledge of:1.Protection personnel, hardware, technology, and processes2.Audit and testing techniques (e.g., operation testing)3.Predictive, preventive, and corrective maintenanceVI. Information Security (14%)Task 1.Conduct surveys to evaluate current status of information securityprogramsKnowledge of:1.Elements of an information security program, including physical security;procedural security; information systems security; employee awareness;and info

The ASIS Professional Certification Board (PCB) manages the certification programs by assuring that standards are developed and maintained, quality assurance is in place and that the test accurately reflects the duties and responsibilities of security professionals in the areas of security management, investigations and physical security.