CIS Recertification – Assessment for CIS Benchmark
CIS Benchmarks Recertification only applies to Members with start dates prior to January 1, 2025. Once Members with start dates prior to January 1, 2025 have completed their 2025 SecureSuite Membership renewal and completed the new CIS Benchmarks annual Certification, Recertification is no longer an applicable requirement.
Recertification applies when product/offering:
- Has not been altered in any way that may impact the product’s ability to accurately assess and report a given asset’s conformance with the CIS Benchmark(s) version(s) and profile(s) for which Recertification is being submitted;
- Is not a major version release of the product;* and
- Has previously received Certification for the CIS Benchmark(s) version(s) and profile(s) being submitted.
Please note that a major version release of a CIS Benchmark requires a new CIS Certification. (An example of a “major version release” would be the release of CIS Windows 7 Benchmark v2.0.0 to replace the previous version of CIS Windows 7 Benchmark v1.2.0.)
* In certain circumstances, a major version release of a product may occur but without changes having been made to the product’s ability to accurately assess and report a given asset’s conformance with the CIS Benchmark(s) version(s) and profile(s) for which the product is being submitted for Recertification. If this is the case and the Recertification is for the CIS Benchmark(s) version(s) and profile(s) previously Certified, then a Recertification request may be submitted. For this type of Recertification, CIS will request a sample set of product testing to be submitted for the particular technology.
Recertification Process
To submit for Recertification, please submit your request via the CIS support portal using the following email template:
[Begin email template]
By submitting this request for CIS Recertification, [Company] agrees that the Product/Tool being submitted for Recertification:
- Has not been altered in any way that may impact the product’s ability to accurately assess and report a given asset’s conformance with the CIS Benchmark(s) version(s) and profile(s) for which Recertification is being submitted;
- Is not a major version release of the product;* and
- Has previously received Certification for the CIS Benchmark(s) version(s) and profile(s) being submitted.
[Company] would like to apply for Recertification for the following:
- [Company] Product & Version: ____________________________
- CIS Benchmark(s) & Profile(s): ____________________________
- Contact person for Recertification: __________________________
This submission for Recertification is in compliance with the Recertification requirements included above and in conformance with the CIS Certification Membership Agreement.
[End email template]
It is CIS’s intent to provide and preserve Membership equity and value. We understand that certain circumstances may not be addressed in the processes defined here. CIS Support may ask you to also send the original CIS Award notification PDF file for the certification that you are asking to re-certify.
If you have any questions or particular circumstances related to your product and Certification requirements not addressed in this document, please contact CIS via the support portal, and we would be happy to discuss your particular circumstance and address your issues accordingly.