"This presentation will describe CREST and it essential role in the professionalisation of the technical Information Assurance industry. There is a huge amount of international interest in CREST and the presentation will consider the need for international standards in this important area. CREST is the Council for Registered Ethical Security Testers. CREST is a not for profit organisation that serves the needs of an information security marketplace that requires the services of a regulated and professional security testing. CREST's represents the information security testing industry by: offering a demonstrable level of assurance of processes and procedures of member organisations validating the competence of information security testers providing guidance, standards and opportunities to share and enhance knowledge providing information security testers recognised professional qualifications and support with ongoing personal development CREST provides organisations wishing to buy penetration testing services confidence that the work will be carried out by qualified individuals with up to date knowledge of the latest vulnerabilities and techniques used by real attackers. They will also know that the penetration testers are supported by a company with appropriate processes and methodologies for the protection of their data. CREST has expanded its certification process to include Network Forensics. It is also working in consortia to deliver wider IA certifications including security architects for the UK Government. CREST works with CESG, The UK National Technical Sponsor for Information Assurance. CREST examinations have been assessed by CESG and recognised as being the required level for work within the UK Government. A CREST chapter has been formally established in Australia with the full support of the Australian Government. There are a number of other international initiatives taking place."