About CMCP

Since the 1990s, the U.S. Federal Government has been concerned about the protection and maintenance of the nation’s critical infrastructures–its water supplies, power structures, transportation services and more. To that end, the government ascertained that more should be done to protect America’s 16 critical infrastructure sectors, and they made a recommendation that workforce skills development be throughly and decidedly improved and augmented.  To meet those federal requirements, a group of subject matter experts (SMEs) was convened to develop a set of content domains, subdomains, and knowledge statements delineating the mission critical sectors. Out of that work, the Certified Mission Critical (CMCP) program was created with the express purpose of being a high-stakes (ISO 17024) technical certification validating vendor-neutral U.S. Critical Infrastructure (CI) domains.

What is worthy of note is that CMCP is not an IT certification.
In fact, it stands alone in its focus on the importance of securing mission-critical infrastructures. The certification’s strength resides in its ability to validate a broad set of skills for operators, managers, and professionals needing to secure mission-critical infrastructures. In other words, CMCP validates the knowledge, skills, and abilities of professional competence in the management of foundational domains of mission-critical infrastructure.

The importance of CMCP is clear. As the 16 critical infrastructure sectors grow, demographic research reveals there will be even greater need to fill vacancies with professionals who are fully prepared to avert and avoid any and all mission-critical threats.  CMCP seeks to help validate that those persons working in mission critical positions have the requisite skills and knowledge needed to handle mission-critical threats––whether they be natural disasters, manmade threats, or accidents––helping to ensure the safety and protection of U.S. systems.

CMCP Assessment

Achieving the CMCP credential requires the successful completion of seven domains with a combined total of 150 multiple-choice questions. The seven domains are listed below.

Domain 1: Core Mission Critical Concepts - 15%
Subdomain 1: Operational technologies and concepts

Subdomain 2: Information technologies and concepts

Subdomain 3: IT-OT convergence

Subdomain 4: Standards bodies and regulations

Domain 5: Operations - 21%
Subdomain 1: Standard operating processes and procedures

Subdomain 2: Troubleshooting, repair, and restoring functions

Subdomain 3: Infrastructure monitoring, alerting, and responding

Subdomain 4: Process control, monitoring, alerting, and responding

Subdomain 5: Performance expectations

Subdomain 6: Audit and maintenance

Subdomain 7: Life-cycle management

Subdomain 8: Resource management

Domain 2: Risk Management - 15%
Subdomain 1: Fundamentals of risk management

Subdomain 2: Identification of mission critical assets

Subdomain 3: Threat assessment

Subdomain 4: Vulnerability assessment

Subdomain 5: Risk assessment

Subdomain 6: Risk management plans

Domain 6: Business Continuity - 15%
Subdomain 1: Planning, training, testing & approval

Subdomain 2: Incident response

Subdomain 3: Disaster recovery

Subdomain 4: Emergency management

Domain 3: Safety, Physical Security, & Cyber - 15%
Subdomain 1: Physical Safety

Subdomain 2: Public safety

Subdomain 3: Process / Functional Safety

Subdomain 4: Environmental safety

Subdomain 5: Physical Security

Subdomain 6: Cybersecurity

Domain 7: Mission Critical System Design - 9%
Subdomain 1: Engineering / mission critical services / process design

Subdomain 2: Process control networks

Subdomain 3: IT architecture (basic network design)

Subdomain 4: Physical infrastructure

Subdomain 5: Design considerations for OT, IT, and emergency systems

Domain 4: Change Management - 5%
Subdomain 1: Planning for change management in IT and OT environments

Subdomain 2: Types of changes

Subdomain 3: Documentation


Benefits of obtaining the CMCP credential include:

Defines requirements of a CMCP professional
Based on community guidance and input to a rigorous development process, defines and establishes a single set of standards for the knowledge and skills required to perform competently as a Certified Mission Critical Professional
Provides a rigorous evaluation process for individuals to prove their achievement of the standards and establish professional credibility
Provides organizations the means to manage their workforce, from both the hiring and career progression points of view
Provides a method for the profession and the professional to stay current as work evolves, via program maintenance and recertification


The CMCP credential is open to anyone who has a 2-year degree (with coursework  in an information technology or an operations technology field), including a minimum of 6 months (2 quarters) of related co-op experience or an equivalent apprenticeship of at least 6 months.  Or

    • Two years of related work experience in a field such as information technology,
      operational technology, engineering, cybersecurity, military, or other mission critical field.
    • Or, any combination of the two previous requirements totaling two years of experience or education, provided that the minimum requirement of 6 months of work experience is met.

Non-Discrimination Policy

The CMCP Program does not discriminate on the basis of race, color, national origin, sex, religion, age, disability (physical or mental), sexual orientation, marital status, parental status, political affiliation, genetic information, or pregnancy, and does not retaliate for participating in protected activities. The CMCP Program complies with all applicable jurisdictional laws and regulations related to protection against discrimination in access to CMCP. Additionally, CMCP procedures ensure that all applicants and candidates are treated in an equitable and consistent manner throughout the entire certification process. The eligibility requirements, assessment instrument content, assessment environment, scoring method, and maintenance and recertification process provide for a fair, impartial, and bias-free certification program.

In addition to CMCP, GSX offers various Certified Mission Critical (CMCO)
testing packages for individuals and organizations