The International NGO Safety and Security Association (INSSA) has established a certification process to certify that NGO security risk management professionals possess the necessary competence to do their job safely and effectively. At the core of the certification is the INSSA Security Risk Management Competency Profile.

Competencies describe the behaviors necessary to be able to function at a particular professional level, regardless of job or title. They can be used to help identify the necessary knowledge, skills, abilities and other characteristics (KSAOs) for a job, to assess whether someone has the required KSAOs at a particular level, to identify learning gaps, and to demonstrate career progression. The INSSA Security Risk Management Competency Profile includes four certification levels increasing in responsibility and scope: Country, Regional, Global and Executive.

INSSA Security Risk Management Professional – Country and Regional Certification

INSSA has launched its certification program for security risk management professionals (SRMP) at Country and Regional levels (Global and Executive levels will follow) in four langauges.

English click here

French click here

Spanish click here

Arabic click here

The exams can be taken by creating a free account on DisasterReady.

Gaining certification indicates that an individual has demonstrated a specific level of competence to be certified as an INSSA security risk management professional.

The SRMP-Country certification consists of personnel operating mainly in field offices with a mandate of one country or a portion of one individual country.

The SRMP-Regional certification consists of personnel operating mainly in regional offices with a mandate of two or more countries.  In order to complete the exam for the SRMP-Regional level certification, individuals must successfully complete the SRMP-Country level exam first.

INSSA certification process and requirements are described in the sections below.


Certification Requirements

SRMP-Country level certification requirements:

  • Agree to abide by the INSSA Code of Conduct
  • No record of criminal activity or professional misconduct
  • Minimum work experience and education of:
      • a secondary school diploma, or international equivalent, and
      • one-year experience working in an NGO field capacity, or
      • six months’ experience working full-time in a field-based security risk management capacity.


SRMP-Regional level certification requirements:

  • Agree to abide by the INSSA Code of Conduct
  • No record of criminal activity or professional misconduct
  • Certification at the SRMP-Country level
  • Minimum work experience of:
    • six months' experience managing risks in two or more countries, or
    • six months’ experience as a regional security manager


  • Exams require a passing score of 70%.
  • Fail an exam? Wait 24 hours and retake the exam.
  • Passing the exam earns you a digital badge and certificate of certification.
  • Maintain certification by earning 180 Continuing Professional Development (CPD) quarter-credits within a 3-year period (45-hours of learning). For more information on the CPD program click HERE.


Exam Length and Format

The SRMP-Country level and SRMP-Regional level certification exams each consist of approximately 100 questions. The SRMP-Country level exam is based on the competencies outlined in the INSSA Security Risk Management Competency Profile as applied in a single country or project(s) within a single country. The SRMP-Regional level exam is based on the competencies outlined in the INSSA Security Risk Management Competency Profile as applied in multiple countries with greater levels of responsibility. 

The exams are offered online for free at DisasterReady.org. To take either exam, individuals must have access to a computer and a reliable internet connection. While the exams will not be supervised, each must be completed in 3-hours. Preparing for the exams is strongly encouraged. Refer to the Prepare for Exam section for more information.

To register for the exam(s), sign up for a free account at DisasterReady.org or log-in if you already have an account.




Unauthorized disclosure of the questions on the exam or any form of cheating is unethical behavior and shall result in sanctions up to and including a failing mark and the denial of certification.

Use of Certification

INSSA certification is voluntary. The INSSA certification credential is awarded to applicants based solely on their attainment of the necessary requirements to achieve the certification credential. The assessment requirements that are part of achieving certification are based on the INSSA Security Risk Management Competency Profile. The competency profile has been built with input from subject matter experts representing the NGO security risk management profession and is designed to indicate the level of performance required for recognition of competence. The guidelines for certification are focused solely on recognizing achievements, and on applied knowledge, rather than on, for example, predicting future job performance. Any use of certification results for any reason other than recognition, or to measure knowledge not explicitly described in the competencies, is not considered valid. Any use of the INSSA certification credential for the granting of a license, selection, promotion, or other non-voluntary purpose is also not valid.

Privacy and Confidentiality

INSSA promotes high standards of ethical, moral, lawful, and civic conduct. Accordingly, members of INSSA, participants in INSSA’s mentoring program, applicants for certification, those issued certifications by INSSA, and all others participating in INSSA’s programs or otherwise with INSSA must abide by such standards. INSSA respects and is committed to protecting all applicants’ personal information. INSSA collects personal information, such as for certification purposes, to keep statistics on its certification program and reporting requirements, and to promote the quality and integrity of INSSA’s programs.


"This was a test of my professional experience. I didn’t know if my knowledge of country level security management was globally applicable. Receiving the email that I passed was a very exciting moment for me, because it was a tangible proof that I am a security professional."

Gerardo Cálix - Habitat for Humanity

"I found the exam to be helpful and comprehensive, requiring a range of best practices and principles applicable to safety and security management. The reference material provided assists in knowledge-building, and includes good tools for country-level (and all) managers."

Steve Robinson - Director of Operational Security, International Justice Mission