Cal. Code Regs. Tit. 11, § 999.195 - Renewal of Approval

Current through Register 2022 Notice Reg. No. 14, April 8, 2022

(a) The certificate of approval issued by the ERDS program to a Computer Security Auditor shall be renewed prior to expiration in order to remain valid. The applicant for renewal shall submit to the ERDS Program all of the following:
(1) An Application for Computer Security Auditor Approval form #ERDS 0002 indicating renewal, which shall be dated and signed with a declaration under penalty of perjury under the laws of the State of California that all information contained therein, and all information submitted with the application, is true, correct, and complete; an acknowledgment that providing any false or dishonest information in connection with the application may be grounds for denial or subsequent termination or suspension of approval; and an attestation that the applicant is not an Authorized Submitter, Agent of an Authorized Submitter, or Certified Vendor of ERDS Software as defined in this chapter.
(2) At least one of the following to demonstrate that the applicant has met the significant experience criteria required for renewal of approval as a Computer Security Auditor:
(A) A copy of the applicant's Certified Internal Auditor certification in good standing from the Institute of Internal Auditors attached to the Application for Computer Security Auditor Approval form #ERDS 0002, and a completed Reference(s) for ERDS Computer Security Auditor form #ERDS 0004 (May 2011) listing reference contacts for whom the applicant has worked within the last five (5)-year period who can verify the applicant has at least two (2) years of experience in the evaluation and analysis of Internet security design and in conducting security testing procedures, and specific experience performing Internet penetration studies.
(B) A copy of the applicant's Certified Information Systems Auditor certification in good standing from the Information Systems Audit and Control Association attached to the Application for Computer Security Auditor Approval form #ERDS 0002, and a completed Reference(s) for ERDS Computer Security Auditor form #ERDS 0004 (May 2011) listing reference contacts for whom the applicant has worked within the last five (5)-year period who can verify the applicant has at least two (2) years of experience in the evaluation and analysis of Internet security design and in conducting security testing procedures, and specific experience performing Internet penetration studies.
(C) A copy of the applicant's Certified Fraud Examiner certification in good standing from the Association of Certified Fraud Examiners attached to the Application for Computer Security Auditor Approval form #ERDS 0002 and a completed Reference(s) for ERDS Computer Security Auditor form #ERDS 0004 (May 2011) listing reference contacts for whom the applicant has worked within the last five (5)-year period who can verify the applicant has at least two (2) years of experience in the evaluation and analysis of Internet security design and in conducting security testing procedures, and specific experience performing Internet penetration studies.
(D) A copy of the applicant's Certified Information Systems Security Professional certification in good standing from the International Information Systems Security Certification Consortium attached to the Application for Computer Security Auditor Approval form #ERDS 0002 and a completed Reference(s) for ERDS Computer Security Auditor form #ERDS 0004 (May 2011) listing reference contacts for whom the applicant has worked within the last five (5)-year period who can verify the applican has at least two (2) years of experience in the evaluation and analysis of Internet security design and in conducting security testing procedures, and specific experience performing Internet penetration studies.
(E) A copy of the applicant's Global Information Assurance Certification in good standing from the SysAdmin, Audit, Network, Security Institute attached to the Application for Computer Security Auditor Approval form #ERDS 0002 and a completed Reference(s) for ERDS Computer Security Auditor form #ERDS 0004 (May 2011) listing reference contacts for whom the applicant has worked within the last five (5)-year period who can verify the applicant has at least two (2) years of experience in the evaluation and analysis of Internet security design and in conducting security testing procedures, and specific experience performing Internet penetration studies.
(b) If the certificate holder fails to comply with the renewal requirements set forth in this provision, the certificate of approval issued by the ERDS Program shall expire and will no longer be valid at midnight on the expiration date stated on the certificate. The holder of an expired certificate must cease all Computer Security Auditor services. An application for renewal received after the certificate expiration date will be considered an application for initial approval as a Computer Security Auditor.

Notes

Cal. Code Regs. Tit. 11, § 999.195

Note: Authority cited: Sections 27393 and 27394(b), Government Code. Reference: Sections 27392(a), 27393(b)(2), 27393(c) and 27394(b), Government Code.

1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)-(f) filed 8-11-2014; operative 10-1-2014 (Register 2014, No. 33).
3. Amendment filed 10-7-2019; operative 1-1-2020 (Register 2019, No. 41).
4. Change without regulatory effect amending Application for Computer Security Auditor Approval form #ERDS 0002 (incorporated by reference) and amending subsections (a)(1)-(a)(1)(E) filed 5-27-2021 pursuant to section 100, title 1, California Code of Regulations (Register 2021, No. 22). Filing deadline specified in section 100, title 1, California Code of Regulations extended 60 calendar days pursuant to Executive Order N-40-20 and an additional 60 calendar days pursuant to Executive Order N-71-20.

The following state regulations pages link to this page.



State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.