CySA+: Exam policies and appeal procedures [updated 2021]

Fakhar Imam
August 4, 2021 by
Fakhar Imam

Conducting exams effectively, efficiently and in line with regulations is a daunting task. CompTIA, the CompTIA Cybersecurity Analyst (CySA+) certification vendor, is committed to ensuring that its certification exams are valued and respected in the marketplace. 

To enhance the integrity of its CySA+ certification, CompTIA takes certain security measures and ensures that candidates strictly adhere to them. These security measures include CySA+ certification exam policies and CySA+ exam appeal procedures, which are also the topic of this article.

Earn your CySA+, guaranteed!

Earn your CySA+, guaranteed!

Get hands-on experience and live expert, instruction. Enroll now to claim your Exam Pass Guarantee!

What do I need to know about CySA+ certification exam policies?

The following sections will take a deep dive into the details about CySA+ certification exam policies. The candidates must comply with these policies to avoid suspension or cancellation of his or her CySA+ exam.

Testing policies

CompTIA accommodates disabled candidates in accordance with the applicable law. The candidate can request accommodation on the Pearson VUE website, CompTIA’s testing partner. In addition to the English-speaking countries, the CySA+ exam is also available in non-English-speaking countries. Students can request a 30-minute time extension on the exam day.

Exam scoring is also regularly monitored by CompTIA to ensure the validity of its CySA+ exam results. In the event of aberrant or fraudulent test scores, CompTIA reserves the right to ask the suspicious candidate for a retest. 

The candidate must also allow his or her photograph to be taken by the test center administrator prior to testing for the highest level of security and authentication. Your photo will be printed on your score report.

Candidates can also avail themselves of a rescheduling policy to change his or her exam date. However, he or she must inform Pearson VUE at least 24 hours before his or her CySA+ exam appointment. Failing to do so will result in confiscation of the exam fees. The same rule is applied to the CySA+ cancellation policy.

Voucher terms and conditions

Once you purchase a voucher for your CySA+ exam, CompTIA will not allow you to make any changes later. You must verify that you have chosen the correct voucher type, the desired quantity and the country where you are going to take your CySA+ exam.

Continuing education (CE) policy

CompTIA continuing education (CE) policies allow candidates to participate in certain approved activities to earn the required number of continuing education units (CEUs). In the case of CySA+ certification, you will earn 60 CEUs to renew your certification for the next three years. 

CE policies are broken up into audit policies, candidate code of ethics, CySA+ certification renewal policies, audit decertification appeals policy and process, and the CEU documentation retention policy.

Exam delivery policy

CompTIA has a right to exclude countries, regions or/and test centers from its CySA+ certification program due to integrity concerns or/and security reasons.

CySA+ retake policy

If you fail the first attempt at your CySA+ exam, you can immediately apply for the second attempt without any delay. However, you will also have to wait for 14 calendar days if you fail the second attempt. 

CompTIA does not allow unsuccessful candidates to retake the CySA+ exam with the same exam code. If you want to do so, you’ll need to gain prior permission from CompTIA.

Candidate identification (ID) policy

Before registering and taking the CySA+ exam, CompTIA requires every candidate to clarify his or her primary level identification. Identification requirements include registering with the candidate’s accurate first and last names, two forms of valid (unexpired) and original (no photocopies) identification. In addition, an ID must be issued by the country where the student is testing. 

In the event of not having the primary identification, the candidate can present an international travel passport of his or her country, along with a secondary ID. Secondary ID is any identification that contains at least a candidate’s name and signature, or name and recent photograph. For example, a valid blue National Health Insurance card is acceptable in Japan as a secondary ID.

Exam development policy

CompTIA exams, including the CySA+ exam, are built through the rigorous exam development process. Exam content is designed with the help of various subject-matter experts (SMEs) and based on industry-wide survey feedback. 

To meet industry expectations and knowledge standards, CompTIA SMEs spend thousands of hours during the development process. CompTIA estimates that around 5,000 SME hours are required to develop a CySA+ exam. In addition, a trained psychometrician/psychologist helps with the development process, review and maintenance of the CySA+ exam. 

CySA+ exam development also abides by the following standards:

  • American National Standards Institute (ANSI) under the ISO 17024 standard.
  • The Standards for Educational and Psychological Testing published by the American Educational Research Association, the National Council on Measurement in Education and the American Psychological Association
  • Uniform Guidelines on Employee Selection Procedures issued by the U.S. Equal Opportunity Commission

Sharing exam results

If any third party, such as an academic institution, employer, military or any other body, has paid for you to take your CySA+ exam or earn CEUs through the CE program, CompTIA will share your certification progress or/and status in completing your CE requirements with the third party.

CySA+ exam security hotlines

Below is a list of some CySA+ exam security hotlines. The candidates must avoid these behaviors, which can involve cancellation or permanent suspension of your CySA+ certification.

  • Misconduct on the part of the test center administrator or authorized proctor, such as helping students by providing answers
  • Candidates must not post CySA+ exam content on any public website or disturbing copies at public forums or conferences
  • Candidates must not take photographs or CySA+ exam questions or material
  • Use of unauthorized materials
  • Cheating or committing suspicious behavior at a testing center

What do I need to know about the CySA+ appeal procedures?

If you have received written notice of violations along with applicable sanctions from CompTIA, you are given 30 calendar days to file a written request for appeal by following the CompTIA candidate appeal process. In the appeal, you must provide solid evidence, grounds for the appeal, and justification why the appeal should be granted. CompTIA will respond to the appeal within 30 days of its receipt. 

If a candidate doesn’t file an appeal within 30 days of receipt of notice of violations or any other misconduct, CompTIA will not consider his or her appeal. CompTIA refers the appeal to its three members of the Candidate Appeals Committee to decide the appeal. The decision of the CE Appeals Committee is binding, and the candidate is obligated to admit it.

In the event of invalid CE activities, CompTIA will decertify your CySA+ certification and notify you through email. Under such circumstances, you will have 30 calendar days to respond to CompTIA’s email and request for appeal. All appeal documents should be completed before mailing them to CompTIA. Appealing within 30 calendar days from the day of receiving email notification is necessary. After such a period, your request for appeal will not be entertained. 

The appeals received are promptly submitted to CompTIA’s CE Appeals Committee, which incorporates a two-member arbitration panel to decide the appeal. The decision of the CE Appeals Committee is binding. 

Earn your CySA+, guaranteed!

Earn your CySA+, guaranteed!

Get hands-on experience and live expert, instruction. Enroll now to claim your Exam Pass Guarantee!


Like most CompTIA certifications, the CySA+ follows certain standardized guidelines but still contains its own internal concerns and requirements that should be thoroughly comprehended before you attempt to take the exam. It would be unfortunate to miss your chance to take and pass this crucial, fast-rising certification exam because of a lack of understanding of the requirements and regulations. These tips will help ensure that your exam day will run smoothly and safely.



  1. Certification Exam Policies, CompTIA
  2. Appeals Policy and Process, CompTIA
  3. CE Program Audit Decertification Appeals Policy & Process, CompTIA
Fakhar Imam
Fakhar Imam

Fakhar Imam is a professional writer with a master’s program in Masters of Sciences in Information Technology (MIT). To date, he has produced articles on a variety of topics including on Computer Forensics, CISSP, and on various other IT related tasks.