Acquiring CCSP Continuing Professional Credits
A member or associate of ISC2 is required to attain Continuing Professional Educational credits on acquiring CCSP Certification . As per the rules of ISC2, professionals certified with the certification of CCSP need to professionally develop themselves through a wide range of activities. ISC2 has grouped these activities into two categories. The group A category involves activities related to domains, while group B activities are general in nature. Every candidate can perform all or a few of these activities to earn the required credits.
Understanding the categories and activities associated makes it easier for Certified Cloud Security Professionals to earn credits. Additionally, CCSP Certification holders must go through the CPE handbook to know the guidelines and ISC2 rules. Besides, professionals are also required to stick to the ISC2 ethical guidelines and pay the annual membership fee. Not fulfilling any of the ISC2 guidelines can result in the cancellation of CCSP Certification for a professional.
What is the process of earning Continuing Professional Education credits for CCSP?
In order to maintain the cloud certification, professionals are required to earn 120 CPEs over a period of 3 years. However, each year, certified professionals are required to submit 30 CPEs attained through group A or B categories. Additionally, each activity is embedded with time restrictions by ISC2. A professional can only spend a certain amount of time on each activity. This entitles CCSP certified to perform all the relevant activities each year whilst in the pursuit of earning CPE credits.
What are the two categories of CPEs?
ISC2 has categorized CCSP CPE activities into two groups- Group A and Group B. The activities covered in group A can be associated with cloud concepts, cloud architecture, cloud security operations, and other domains listed in CCSP Certification. These activities are:
- Taking up educational courses relevant to CCSP domains
- Reading books, magazines or whitepapers
- Writing/publishing a book, magazines, whitepapers
- Attending seminars, conferences or presentations on CCSP domains
- Preparing a presentation relevant to cloud security
- Researching for a project or prepping for cloud courses
- Volunteering for governmental or charitable organizations
- Enrolling in the higher education course on cloud concepts
The group B categories emphasizes activities that are not related to CCSP domains. These activities aid certification holders in developing professionally. In addition, these activities can be professional speaking programs or management courses. Spending time on such activities is vital for the growth of certified professionals.
Each CPE credit is counted for spending one hour on the activities listed above. In addition, it is important to note that CPE credits cannot be accounted for on-the-job activities. Taking time out to perform these activities allows professionals to demonstrate their dedication and commitment towards cloud security.
What is CPE audit?
Professionals engaged in earning credits as per CPE policy of ISC2, might be subject to the audit program. The audit is conducted randomly by highly qualified professionals from ISC2. It cannot be said with certainty that few CCSP professionals might be part of the CPE audit. As a result, certified professionals need to ensure that they are prepared with necessary documents required to be audited at all times. This audit program ensures that ISC2 complies with the standards set by ISO/ ANSI. Professionals would be given 90 days to prepare for the audit requirements.
Tips to remember while earning CCSP CPE credits:
- Professionals are required to earn a maximum of 10 CPE credits that accounts to unique experience under group A.
- Each year, a professional can earn upto 40 CPE credits from both Group A and B categories.
- For each activity of CPE, certified professionals are required to provide written proof, copies of publications, transcripts/registration materials, certificates, and so on.
- Prepare and maintain the documents of each CPE activity performed. In case of audit, these documents can fast track the process.
- Submit all the CPE records on ISC2 website at once, rather than multiple times.
Apart from submitting CPE credits, professionals are also required to pay Annual Maintenance Fee of USD 125 to ISC2.
Additionally, associates of ISC2 can pay an AMF of USD 50 each year on the date of passing the CCSP Exam. Associates are further required to submit their CPR credits annually and not over the three year certification cycle.
Can CPE credits be rolled over?
As per ISC2 rules, CPE credits can be rolled over from year to year. However, the credits cannot be rolled over from one certification cycle to another certification cycle. This is one of the very strict rules set by ISC2 to avoid confusion and scams.
Professionals who scam their CPE credits in any manner might get their certification cancelled or suspended. As a result, it is important to note that professionals need to have adequate evidence to support their CPE credits earned over the years.
What if I fail to meet CPE requirements?
Professionals who fail to comply with the CPE requirements set by ISC2, can expect their CCSP Certification to be revoked. Additionally, the suspension status is only for a period of 2 years. Certified members as well as associates of ISC2 will be terminated after this period. Individuals will not be given any membership rights once they are terminated. The reinstatement fee for those who wish to get back their mem bership is USD 600 which has to be paid after retaking and clearing the CCSP Exam.
How to submit CPEs for CCSP Certification?
Professionals will have an additional 90 days of grace period for completing the submission of all CPE credits and payment of AMF to ISC2. However, a professional submitting these CPEs should earn it within the grace period.
To submit CPEs, professionals need to login to their account on the ISC2 website and click on the certification dashboard. At the end of the cycle, CCSP certified professionals can record all their CPE along with the required documentation. With these rules, cloud professionals caneasily utilize the activities to boost their skills and enhance their career options whilst developing professionally.
Training makes the management of data privacy issues smoother through the application of relevant procedures. Forensic investigation and interpretation of security incidents is one of the most valuable things learned from this course. Individuals become adept at developing secure software modules. They learn the standard measures of sustaining the integrity of cyber security systems. These are, data backups, unobstructed power supplies, file permissions usage, and cryptographic checksums.
Certification holders introduce the principle of least functionality in organizations. They allow systems to run only those services and applications that align with business operations. The attack surface expands with an increase in the number of applications running within the system. The training program teaches them to keep that number in check through performing regular configurations. They limit the use of network services, protocols, and open ports. Certified individuals are needed by organizations to perform automated scanning of their corporate networks.