2026 Cybersecurity Fundamentals Certification Practice Analysis Task Force

The Cybersecurity Fundamentals Certification Practice Analysis Task Force (PATF) will be responsible for the creation of a new Cybersecurity Fundamentals Certification program. Members of the PATF are responsible for ensuring the integrity and quality of the certification program and the exam content.  

Anticipated outcomes: 

The PATF group will assist with the following outcomes:

• Support the certification development process, including:  
  • Participate in the Practice Analysis Study.
  • Create an Exam Content Outline (ECO).
  • Participate in the Standard Setting Study to create the passing point of the exam.  
  • Review and approve exam drafts.
  • Review exam item performance via statistical analysis.  
• Approve requirements for certification.  
• Approve recertification methods and requirements.  
• Review and approve the empirically derived results of the updated practice analysis.  
• All work is conducted confidentially and may not be shared or discussed outside the Task Force members and ISACA staff. 

Work to be done via:  

• Email
• Phone / Virtual  
• Attend a two-day in-person meeting to develop a draft of the knowledge required and tasks performed.
  • Meeting Date: 12-13 February 2026 in Suburban Chicago, Illinois, USA. Expenses paid by ISACA.
• Participate in a pilot test of a survey to review and rate the tasks and knowledge areas developed by the PATF.
  • (Survey Date TBD)
• Attend a remote 1-day meeting to review the results of the practice analysis survey and to review and approve the empirically derived test specification for the Cybersecurity Fundamentals exam content outline.  
  • Tentative Date: April 2026
• Attend a 1-day in person meeting to determine the passing standard for the updated exam content.  
  • Tentative Meeting Date: August 2026 in Suburban Chicago, Illinois, USA. Expenses paid by ISACA. 

If you foresee difficulties participating due to time zone differences or travel restraints, kindly refrain from applying.  

Volunteer Criteria:

• Volunteers must already hold a Cybersecurity Fundamentals certificate. 
• Less than 5 years of cybersecurity work experience or manager of staff with less than 5 years’ experience.
• Diverse volunteer representation required to include geographical areas, industry, and experience.
• Knowledge and experience in applying the principles that frame and define cybersecurity and protecting enterprise data and infrastructure.
• Fluency in English required for productive group discussion. 

Volunteer benefits:  

PATF members may not teach a review course or develop review materials for a period of 3 years following the last date of service on the Working Group.