Auditors

Interested in learning more about SIM3 and OCF? Become an auditor! As a Certified SIM3 Auditor you will have the chance to improve your skills and learn from an experienced security team.

A certified SIM3 Auditor has the following rights:

  • Show accreditation as Certified SIM3 Auditor and have direct QA contact with the OCF
  • Perform SIM3 assessments and issue reports and assessment validations using OCF & SIM3 logo
  • Perform SIM3 audits and issue reports and audit certificates using OCF & SIM3 logo
  • Attend OCF/SIM3 development/sharing workshops at marginal cost only & receive updated materials
  • Mentioned with name and photo on OCF website as seen below – unless you wish to stay unnamed)

And the following duties:

  • Perform SIM3 assessments and audits adhering to OCF/SIM3 code of ethics – ethics will be common sense
  • Attend at least one OCF/SIM3 development/sharing workshop every 3 years
  • Show to have done at least 1 assessment or audit per year, by sending in a short report with findings and recommendations for SIM3 development – nothing confidential!
  • Report audits to OCF – only name and date, no content
  • Annual fee for maintenance of status: based on not-for-profit – first year after training is free

Increasingly, the auditors of OCF come from all continents – they are all listed below. This list is authoritative – being on here means that the Certification of these auditors are all current, and they are in good standing. If you need more information about a specific auditor, country or region in regard SIM3, you are welcome to contact us via the contact page.

OCF & other global organisations

Open CSIRT Foundation

Africa

AfricaCERT

Asia Pacific

Japan

Europe & Middle East

European Union

Czech Republic

France

Latvia

Poland

All other countries :

auditors being re-added due to website migration and improvement