Cyber-attacks are enormously faced by business enterprises due to improper management of information security. Handling bulk data can be troublesome if proper attention isn’t paid to its storage and access controls. Therefore, organizations need to employ individuals who conform to the regulations of (ISC) ². It is the final authority on data protection practices to be followed by cyber security professionals.
What is (ISC) ²?
(ISC) ² is the protector of organizations against the awful consequences of data security breaches. This non-profit corporation has been in the service of offering cyber security for more than three decades. It is an unfathomable pool of information security professionals who are accredited with certifications at various levels. Each of these certification holders need to undergo special coaching to gather the required number of CPE hours.
Continuing Professional Education
CPE is the abbreviation for “Continuing Professional Education”. These credits are points gathered by the candidate to maintain the acquired certification credentials. CPE credits prove a professional’s eligibility for the respective certification. A candidate has to devote certain hours to professional studying and practice following the certification obtained. These hours are considered as credit points, which vary from one certification to another.
What is the CPE Policy of (ISC) ²?
(ISC) ² demands CPE credits from its certified members who are obliged to achieve those during the validity tenure of their respective certifications. Certification credentials remain valid for a three-year time span. The limit to earning these CPE hours is fixed by (ISC) ². It has to be fulfilled before the certification expires. Both associates and certified members of this regulatory body are subject to the rule of submitting CPE credits.
What is the CPE Audit Process?
Random CPE audits are performed by (ISC) ². An unspecified number of the submitted CPE credits are chosen for the audit process. The selected candidates have to produce relevant proofs of their CPE earning activities. This process is carried out by auditors at (ISC) ² to confirm the regulatory body’s uprightness. It also assists in the compliance of its certifications with the ISO standards.
What Should a Candidate Do When Chosen for CPE Audit?
(ISC) ² will ask the candidate to furnish certain documents in the justification of activities performed to achieve CPE credits. He/she would be allotted a duration of 90 days for providing the information asked for by the auditors through emails. Candidates are advised not to ignore this instruction of the governing body.
CPE Policy for CISSP holders
CISSP (Certified Information Systems Security Professional) accreditation can only be retained by those who are able to accomplish 40 Continuing Professional Education credits a year. During the three-year validity period the individual has to submit a total of 120 CPE credits to the certification regulatory body.
The globally acknowledged CISSP Certification can be pursued by an individual with a previous work experience in the relevant field. 5 years is the minimum duration in which one must have worked for 35 hours per week.
CPE Policy for CCSP holders
Candidates possessing the CCSP Certification are required to attain 30 CPEs a year. All the 90 CPE credits demanded by (ISC) ² must be accomplished by the last six months of the 3-year certification tenure.
Candidates must have worked at least a year within the CCSP domains. Besides, a minimum of 3-year work experience in IT, and a total of 5 years’ paid job are required. This fulfills the eligibility criteria for taking the exam to obtain the CCSP Certification.
What if a candidate fails to earn the required CPE hours?
His/her CISSP Certification shall cease to be valid on being unable to meet the prescribed CPE requirements. A grace period of 90 days is allotted to the candidate for reaching the CPE limit demanded by (ISC) ².
How to Earn ISC2 CPE Credits
Continuing Professional Education Credits can be earned through the following activities:
- Publication of whitepaper or article related to the respective certification subject matter.
- To undertake a training course.
- Presentations to serve the educational or organizational requirement of information security.
- Preparation of projects other than the one’s information security job assignments.
- Volunteering information security services to charitable and government organizations.
- Project research and preparation for the certification exam.
- To attend conferences, training sessions, or lectures.
What is the procedure of calculating the acquired CPE credits?
CPE credits are counted from the time period of performing educational activities like attending webinars. The attendance hours in these programs are considered as the required CPE hours for maintaining the CISSP and CCSP Certifications. Regular job responsibilities are not adequate for this purpose and thus, one needs to carry out the aforementioned tasks.
(ISC) ²’s demand for continuing professional education requirements is beneficial for the CISSP and CCSP Certification bearers. The individuals can constantly hone their skills and upgrade their knowledge in the process of meeting their respective CPE criteria.