The International NGO Safety and Security Association (INSSA) has established a certification process to certify that NGO security risk management professionals possess the necessary competence to do their job safely and effectively. At the core of certification is the INSSA Security Risk Management Competency Profile.

Competencies describe the behaviors necessary to be able to function at a particular professional level, regardless of job or title. They can be used to help identify the necessary knowledge, skills, abilities and other characteristics (KSAOs) for a job, to assess whether someone has the required KSAOs at a particular level, to identify learning gaps, and to demonstrate career progression. The INSSA Security Risk Management Competency Profile includes four certification levels increasing in responsibility and scope: Country, Regional, Global and Executive.

INSSA Security Risk Management Professional – Country and Regional Certification

INSSA has launched its certification program for security risk management professionals (SRMP) at Country and Regional levels (Global and Executive levels will follow). Gaining certification indicates that an individual has demonstrated a specific level of competence to be certified as an INSSA security risk management professional.

The SRMP-Country certification consists of personnel operating predominantly in field offices with a mandate of one country or a portion of one individual country.

The SRMP-Regional certification consists of personnel operating predominantly in regional offices with a mandate of two or more countries.  In order to apply for the SRMP-Regional level certification, members will have had to complete the SRMP-Country level first.

INSSA certification process and requirements are described in the sections below.

Eligibility Requirements

Before applying to become an INSSA Certified Security Risk Management Professional, applicants must have an INSSA membership in good standing and have no record of criminal activity or professional misconduct. INSSA membership includes the requirement to agree to abide by the INSSA Code of Conduct.

To be eligible to apply for the SRMP-Country level certification, applicants must have a minimum of:

  • a secondary school diploma, or international equivalent, and
  • one-year experience working in an NGO field capacity, or
  • six months’ experience working full-time in a field-based security risk management capacity.

To be eligible to apply for the SRMP-Regional level certification, applicants must have a minimum of:

  • SRMP-Country level certification, and
  • six months' experience managing risks in two or more countries, or
  • six months’ experience as a regional security manager

Exam Length and Format

The SRMP-Country level and SRMP-Regional level certification exams each consist of approximately 100 questions. The SRMP-Country level exam is based on the competencies outlined in the INSSA Security Risk Management Competency Profile as applied in a single country or project(s) within a single country. The SRMP-Regional level exam is based on the competencies outlined in the INSSA Security Risk Management Competency Profile as applied in multiple countries with greater levels of responsibility. 

The exams are offered online. To take either exam, applicants must have access to a computer and a reliable internet connection. While the exam will not be supervised, it must be completed in 3-hours. Preparing for the exam is strongly encouraged. Refer to the Prepare for Exam section for more information.

Applicants will receive an e-mail invitation to take the exam after completing the online registration form and paying the exam fee. Applicants will have 60 calendar days upon receiving their e-mail invitation to complete the exam online. This date will be indicated in the invitation e-mail. 

Application and Exam Fee

To apply, you must complete an online application form. Applicants should have the following ready before starting the application process:

  • A photocopy of government-issued photo identification (ID) that has a signature (Driver’s License, Passport, national ID card) with an original signature on the photocopy that must match the signature on the photo ID.
  • Information about your current role, educational background, and previous work experience. Description(s) of work performed that demonstrates a minimum of one year experience working in an NGO field capacity, or a minimum of six months’ experience working full-time in a field-based security risk management capacity, including:
    • Organization’s name
    • Organization’s address in the country in which you are based
    • Contact person’s name, phone number and email that can verify the work experience provided

 The exam fee for the SRMP-Country is 99USD

The exam fee for the SRMP-Regional is 299USD

Acceptable methods of payment include: Credit Card, Visa Debit Card, or PayPal.

Pre-Purchase SRMP Exam Payment Coupons

Individuals and organizations can purchase coupons equal to examination fees for SRMP-C ($99 each) and SRMP-R ($299 each) and distribute among staff as desired.   By purchasing the coupons organizations can pay exam fees on behalf of those staff who cannot pay through credit card or PayPal and provide incentives for the professional development of their security risk management staff.

Here’s how it works:

  1. Purchase coupons here.
  2. You will receive email with a PIN to access a portal where your individual coupons are listed. The status of coupons distributed, to whom, and when used can be monitored here.
  3. Each coupon has a unique code that can be provided to your staff as you deem appropriate.
  4. The code is entered in lieu of payment when the user applies for the SRMP examination.
  5. Once validated, the applicant and administrator will receive a confirmation email with instructions for completing the exam.

Requirements to Maintain Recertification

  • Retain INSSA membership
  • Earn 180 Continuing Professional Development (CPD) quarter-credits within a 3-year period (45-hours of learning) OR retake the exam


Exam Retake Policy

If an applicant fails the exam on his/her first try, he/she may retake the exam once at no additional charge within 60 days of receiving his/her “Exam Performance Report”. If the applicant fails the second time, he/she needs to wait a minimum of three months before taking the exam again. The applicant must pay the fee to take the exam again.


Unauthorized disclosure of the questions on the exam or any form of cheating is unethical behavior and shall result in sanctions up to and including a failing mark and the denial of certification.

Use of Certification

INSSA certification is voluntary. The INSSA certification credential is awarded to applicants based solely on their attainment of the necessary requirements to achieve the certification credential. The assessment requirements that are part of achieving certification are based on the INSSA Security Risk Management Competency Profile. The competency profile has been built with input from subject matter experts representing the NGO security risk management profession and is designed to indicate the level of performance required for recognition of competence. The guidelines for certification are focused solely on recognizing achievements, and on applied knowledge, rather than on, for example, predicting future job performance. Any use of certification results for any reason other than recognition, or to measure knowledge not explicitly described in the competencies, is not considered valid. Any use of the INSSA certification credential for the granting of a license, selection, promotion, or other non-voluntary purpose is also not valid.

Privacy and Confidentiality

INSSA promotes high standards of ethical, moral, lawful, and civic conduct. Accordingly, members of INSSA, participants in INSSA’s mentoring program, applicants for certification, those issued certifications by INSSA, and all others participating in INSSA’s programs or otherwise with INSSA must abide by such standards. INSSA respects and is committed to protecting all applicants’ personal information. INSSA collects personal information, such as for certification purposes, to keep statistics on its certification program and reporting requirements, and to promote the quality and integrity of INSSA’s programs.



"This was a test of my professional experience. I didn’t know if my knowledge of country level security management was globally applicable. Receiving the email that I passed was a very exciting moment for me, because it was a tangible proof that I am a security professional."

Gerardo Cálix - Regional Security Advisor Latin and Central America, Catholic Relief Services

"I found the exam to be helpful and comprehensive, requiring a range of best practices and principles applicable to safety and security management. The reference material provided assists in knowledge-building, and includes good tools for country-level (and all) managers."

Steve Robinson - Director of Operational Security, International Justice Mission