Join as a team

Requirements to become a CSIRT member of the Network

  • The CSIRT must belong to an OAS Member State.
  • The CSIRT must be one of the following types:
    • National CSIRT
    • Coordinating sectoral CSIRT under the direct jurisdiction of the central, federal government, as well as Ministries or their equivalents.
    • CSIRT of the legislative and judicial branches, including prosecutors' offices, public prosecutors' offices and law enforcement, with national scope.
    • Armed Forces CSIRT (Joint Command, Army, Air Force or Navy).

  • The CSIRT must have official documents specifying its establishment and cybersecurity incident management functions (decree, regulation, agreement, statute, etc.).
* The membership of a CSIRT to CSIRTAmericas Network is subject to acceptance by the CICTE/OEA.

Start application process

1. The head of the CSIRT must complete the application form here: Start application process . This application includes performing the SIM3 self-assessment based on the CSIRTAmericas baseline. For more information visit the following link.

Application form

2. The CSIRTAmericas team will review the information received in the form and verify the official CSIRT functions documentation.

3. All requests must be validated and approved by the National Contact Point (NPC) to CICTE. OAS/CICTE will coordinate this process and notify the Permanent Mission of the country to the OAS of the decision. In the event that:

There is a National CSIRT of the country in CSIRTAmericas:

CSIRTAmericas will request approval from the NPC in coordination with the National CSIRT. The National CSIRT will review the SIM3 self-assessment of the candidate CSIRT to ensure compliance with the CSIRTAmericas Baseline, if the National CSIRT does not have a SIM3 auditor, it will request the support of CICTE to locate a SIM3 auditor that is part of the network. The National CSIRT will send the results to the NPC, who must respond to CICTE with the results and final decision for review.

If there is no National CSIRT of the country in CSIRTAmericas:

CSIRTAmericas will coordinate with the candidate CSIRT the review of the SIM3 self-assessment to verify compliance with the CSIRTAmericas Baseline. In case the candidate CSIRT approves, authorization will be requested to the NPC for its adhesion to the network. Otherwise, the NPC will be kept informed of the result.

The CSIRTAmericas team will notify the status of the application within 20 working days, notifying if additional information or clarification is required. This timeframe may vary depending on the circumstances of the requesting country.

4.In case of approval of the application, the applicant will be contacted based on the contact information in the application form to schedule an introductory meeting between the CSIRTAmericas team and the members of the adhering CSIRT. If the CSIRT does not comply with the requirements established in the CSIRTAmericas Baseline, a maximum period of one year will be granted to make the necessary adjustments and submit the documentation that accredits the implemented improvements. After the indicated period, the requesting CSIRT will have to start the process again.