top of page

Security Risk Management
Certified Professional

The Security Risk Management Certified Professional (SRMCP) represents the apex of professional certifications in the domain of Security Risk Management (SRM). It is not merely a credential but a testament to an individual's deep-seated expertise, robust experience, and unwavering dedication to security risk management. The SRMCP designation is synonymous with comprehensive knowledge and practical proficiency in SRM principles, methodologies, and best practices.


When seeking a qualified professional in security risk management, look for those bearing the SRMCP credential. They have navigated a challenging path to earn this premier certification, showcasing their in-depth theoretical understanding and their capacity to manage security risks in dynamic and intricate environments. These professionals have demonstrated their skill and commitment, translating theory into practice and problem-solving under real-world conditions.


At the heart of the SRMCP credential is the Security Risk Management Body Of Knowledge (SRMBOK), a compendium of crucial SRM facets. Those who have earned the SRMCP are conversant in all these facets and are adept at applying this knowledge across diverse scenarios.


Securing this elite accreditation is an arduous journey with stringent requirements. Applicants must gather at least 100 points, reflecting their educational qualifications, professional certifications, and accumulated experience. This rigorous system ensures that only the most accomplished professionals can earn the SRMCP credential.


The SRMCP certification process requires meticulously appraising an applicant's qualifications, credentials, and work history. If you are considering employing the services of a security risk management professional, it is prudent to consider an SRMCP holder. By choosing an SRM-certified professional, you entrust your security needs to an expert who has proven their worth in the field, validated by this most respected accreditation.


In short, when you see the SRMCP credential, you are dealing with a top-tier security risk management professional. The SRMCP is not merely a certification but a guarantee of quality, experience, and professionalism. When it comes to your security risk management needs, don't settle for less. Look for the SRMCP.

SRMCP Criteria


SRMCP holders are expected to have a thorough knowledge and understanding of key security risk management principles, methodologies, and best practices. This competence is demonstrated by their proficiency in:

  1. Identifying and assessing potential security risks.

  2. Developing and implementing effective security risk management plans.

  3. Utilizing modern SRM tools and technologies.

  4. Understanding legal and regulatory requirements related to security risk management.

  5. Evaluating the effectiveness of security measures and improving them when necessary.


The SRMCP certification requires proven practical experience in the field of SRM. This includes:

  1. A minimum of 5 years of direct work experience in security risk management.

  2. Demonstrable experience across a range of security risk management roles, functions, and sectors.

  3. Practical experience in dealing with complex and evolving security environments.

  4. Evidence of effective application of SRM principles and practices in real-world contexts.


SRMCP holders are expected to demonstrate capabilities that extend beyond the basic knowledge and experience in SRM. This includes:


  1. The ability to think strategically about security risks and how they impact an organization.

  2. The capacity to make informed decisions under pressure and in complex situations.

  3. The skill to communicate effectively with a variety of stakeholders, including senior management, to explain the risks and propose appropriate solutions.

  4. The capability to keep up-to-date with emerging trends, threats, and opportunities in the field of SRM.

  5. Demonstrable leadership skills in managing teams and projects in the SRM sphere.

Professional Standards

In addition to the above requirements, SRMCP holders are expected to abide by the SRMCP Code of Ethical Conduct and the Statement of Commitment to the Security Risk Management Profession. These standards ensure that SRMCP holders uphold their practice's highest professional and ethical standards.

Code of Ethical Conduct


An SRMCP holder must:

  1. Act in the interests of societal security and their client.

  2. Perform their duties in accordance with the law and in line with statutory requirements at all times.

  3. Act and behave at all times with integrity.

  4. Demonstrate competence in discharging their professional responsibilities.

  5. Exhibit diligence and fidelity in discharging their professional responsibilities.

  6. Maintain confidentiality and not disclose confidential information to any unauthorized party, ensuring such information is not used for personal benefit.

  7. Not maliciously injure the professional reputation or practice of colleagues, clients, or employers.

  8. Not knowingly associate with any individual or enterprise engaging in illegal or improper activities or methods for securing business.


The SRMCP Board sets down this code of conduct to guide the professional and personal conduct of SRMCP holders and the security risk management profession at large.

Statement of Commitment to the Security Risk Management Profession


The SRMCP has been established as a certification which indicates the successful applicants’ skills to be of the high ethical standard of professionalism expected of security risk advisors, managers, and leaders.


The purpose of the SRMCP is to support the development of the professionalism of security risk management practitioners. SRMCPs uphold themselves to, and are accepted by, the public as possessing special knowledge and skills in a widely recognized, organized body of knowledge at a high level, and who are prepared to exercise this knowledge and these skills in the interest of others. 

bottom of page