Learning and Certification Trust Center

CompTIA is the world’s leading technology trade association and IT certification body. Our credibility depends on keeping your information protected and secure. We value transparency, providing on-demand access to live external vulnerabilities and remediation at CompTIA’s Security Scorecard.

CompTIA applies the NICE framework to guide our risk and security posture. Our audits are aligned to NIST standards, with key vendors layering additional controls and defenses. CompTIA’s Board of Directors provides direct top down governance and guidance.

Many of our industry leading IT certifications are accredited under ISO/IEC 17024, a global industry-recognized benchmark for personnel certifications that demands high privacy and security controls.

CompTIA also operates an industry threat sharing organization, the CompTIA ISAO, which shares threat information and advice from seasoned security professionals directly with our internal technology teams.

  • ISO/IEC 17024
  • Payment Card Industry Data Security Standard (PCI)
  • NIST 800-171
iso comptia

CompTIA is committed to securing and maintaining the confidentiality and integrity of all data that is collected.

Comprehensive information on our privacy protections is available at our Privacy Center.

Our privacy team can be contacted at any time at [email protected]


CompTIA maintains tactical plans and procedures that undergo stress testing and are reviewed multiple times per year.

Resilience - To ensure availability of our services, CompTIA maintains and tests our Business Continuity, Disaster Recovery, Incident Response, and other tactical plans and procedures no less than annually.

CompTIA’s Information Security Team ensures these policies are effective and realistic for our business operations through internal and external audits, internal and external vulnerability scans, reporting tools and feedback to the Chief Information Security Officer.

Governance - In line with leading cyber governance guidance, Information Security reports directly to CompTIA’s CEO, with the Chief Information Security Officer also collaborating routinely with our Directors on the Audit and Investment Committee.

  • Aligns with U.S. Computer Emergency Readiness Team (US CERT)
  • Aligns with National Institute of Standards and Technology (NIST)
  • Current CompTIA Systems Status

CompTIA uses layers of modern security technology to keep our systems and your data secure.

We maintain a 24x7x365 Security Operations Center (SOC) as well as a 24x7x365 Network Operations Center for critical systems.

We scan all new systems prior to rollout with multiple tactics, with ongoing monitoring for critical and PCI systems. Both structured and unstructured penetration testing occur throughout the year.

  • Vulnerability Disclosure Program through HackerOne (Invitation Only)
  • MDR/XDR solutions that protect cloud and on-prem environment
  • Automated supply chain monitoring
  • Ongoing security vulnerability scans
  • Monthly PCI Scans

CompTIA’s staff train on cybersecurity skills throughout the year using industry leading tools.

All CompTIA staff receive ongoing enterprise class cybersecurity awareness, and collectively work together to protect our customers and association. Multifactor authentication is in place for all CompTIA staff and systems, with industry best practices in place for system access.

  • Annual Cybersecurity training
  • Multiple phishing campaigns
  • Zero trust framework on systems


CompTIA brings best in class experiences to its members and customers.

We frequently partner with industry leading vendors to provide tools and systems. For key systems with customer data, we engage directly with their security teams and monitor their security posture through various automated and point in time scans.


Your Data

For CompTIA’s trusted partner and customer community, we welcome the opportunity to discuss the security of your candidate and customer data at any point. Please contact your business development manager to arrange a discussion with CompTIA’s security team.