A CryptoCurrency Security Standard Auditor is an expert in the CCSS. CCSSAs are able to apply the CCSS standard to any information system that uses cryptocurrencies, calculating a grade for the system according to the CCSS.
C4 has two tracks related to the CCSS.
To find out which path is right for you, take our self assessment.
Every prospective CCSSA must take C4's official CCSS Foundations and CCSSA Training courses. These are live, instructor-led, online courses that build real, applicable skills.
During the 2-day Foundations course, candidates build a strong baseline across all CCSS requirements. During the course, attendees learn the structure of the Standard, key terminology, threat models, how each aspect works in practice through case studies and simple fictional systems, and more. The Foundations course ensures everyone speaks the same language before moving into auditor-specific training.
During the 2-day Auditor course, candidates focus on how to audit against the CCSS. Candidates learn how to evaluate evidence, identify gaps, apply CCSS requirements in a mock-audit scenario environment, and determine certification levels. They learn how to assess real systems, understand scope boundaries, and uphold auditor impartiality.
Together, these four days give CCSSA candidates both the knowledge and the practical auditing skills needed to evaluate cryptocurrency systems against the CCSS.
You can find a Certified CryptoCurrency Security Standard Auditor (CCSSA) here.
Once you've completed the training, you will have 6 months to take your exam from the date of purchase. Once you begin the exam you will only have 90 minutes to answer all 100 questions.
The exam includes 100 multiple-choice and true/false questions covering each of the 41 aspect controls of the CCSS. The exam is time-limited to 90 minutes. A passing grade of 70% is required for certification. If you fail the exam, you will have one retake. After that, you can pay to take the exam again. You will not be certified until you have successfully passed the exam.
During the exam, you will be asked questions related to real-world scenarios. Please download CCSSA Exam Scenarios and review them before beginning this exam.
Download CCSSA Exam Scenario E
Download CCSSA Exam Scenario F
CCSSA certification must be renewed every year. To renew, CCSSAs need to show they understand the current version of the CCSS. The renewal path depends on prior certification date.
1. CCSSAs certified before the official training launched
If a CCSSA certified prior to the launch of C4’s official CCSS Foundations and CCSSA Auditor Training, both courses must be completed prior to renewal. Renewal discounts will apply to the training; exam is included.
These courses ensure every active CCSSA has the same baseline training and auditing approach.
2. CCSSAs certified after completing the official training
If a CCSSA has already completed C4's official Foundations and Auditor Training, the renewal process is much lighter. Depending on the scope of changes in the latest CCSS version release, they may only need to complete a short update module, or no training at all. When updated training is required, it focuses solely on new and revised requirements and is significantly shorter than the full initial training. Recertification is dependent on passing the most current CCSSA exam.
CCSSAs who are currently certified receive a 25% renewal discount via the email address used for prior registration 6 months before their expiration date, and that discount applies under the training-based renewal process. Because training is now required to renew, the 25% discount applies to the training cost for currently certified CCSSAs, and the exam fee is included in the training.
The use of the certification mark is intended to indicate that the services in association with which it is used are of the following defined standard: services to be provided using the certification mark are provided by persons who have satisfactorily completed an examination prepared and administered by the applicant for the purposes of measuring skill with respect to professional knowledge of exam material as well as acceptance of the applicant’s code of ethics in force at the relevant time. Initial certification is for one (1) year and it is the responsibility of each user of the certification mark to renew his or her certification every one (1) year thereafter by meeting the following requirement: The user must satisfactorily complete a current examination prepared and administered by the applicant for the purposes of ensuring the user possesses professional knowledge of exam material as well as acceptance of the applicant’s code of ethics in force at the relevant time.
