topic Re: CISSP: Group B credits in CPE Opportunities

CISSP: Group B credits

Alec — Mon, 18 Dec 2017 23:06:15 GMT

I've got my CISSP earlier this year and decided to be proactive in earning CPEs from day one. While there is enough information and recommendations on Group A credits I'm a bit unsure about practical ways to earn Group B credits. The list of suggested activities on ISC(2) website provides some guidance, but besides "Technical skills not in information security" - which includes things like programming languages - other options seem to be more management-oriented. I wonder what other fellow CISSPs would recommend as feasible options to earn Group B credits for someone in a security engineer position. Thanks!

Re: CISSP: Group B credits

Badfilemagic — Mon, 18 Dec 2017 23:56:10 GMT

I think that the idea behind group B credits is that in order to be really successful in the type of role where, say, a CISSP is required, it's helpful to have a good understanding of the fundamentals of the business you work for, and you should get credits for seeking education to that end.

I've used things from Coursera before, like a business analytics course I did on there. If you take community college classes for credit, that's probably another good way to get type B credits, too. You may even be able to get your company to pay for something like for-credit courses at an accredited school. If you're already pursuing a masters degree, that should work as well, I would think.

Re: CISSP: Group B credits

Early_Adopter — Tue, 19 Dec 2017 00:18:16 GMT

In addition to @Badfilemagic's excellent advice, I would say that CPEs in group B can work as part of your learning an development plan if you have one. As long as its valuable, related in some way to being a security professional and you can write it down and you can justify it to yourself and another reasonable person. Example - my Molecular gastronomy appreciation course doesn't count, psychology short course probably would as it's related to how people behave generally.

For example I did toe courses on Privacy this year one with IT Governance(which surprise-suprise was mostly about the practice of audit :P), the other was with IAPP which was heavily slanted to legal.

I put the IT Governance course into group A, and the IAPP course into group B - personally I think I could argue for either, but you only use them one and I went for what I felt was the best fit.

Here's a good blog post on this, and the official guidelines.

http://blog.isc2.org/isc2_blog/2014/01/free-ways-to-earn-continuing-professional-education-cpe-credits-for-your-infosec-certification-.html

https://downloads.isc2.org/certifications/cpe-guidelines.pdf

Re: CISSP: Group B credits

Alec — Tue, 19 Dec 2017 00:32:43 GMT

Thank you, Badfilemagic and Early_Adopter, your suggestions shed some light!

Re: CISSP: Group B credits

Alec — Tue, 19 Dec 2017 00:49:23 GMT

Hmm, I just found an ISC(2) blog post on 2015 changes and the following quote drew my attention:

"Group B CPEs remain optional and may be substituted by Group A CPEs".

Here's the link to the post:

http://blog.isc2.org/isc2_blog/2015/01/cpe-policy-changes-for-isc%C2%B2-members-start-this-month.html

So, am I correct assuming that earning 40 or more group A credits within a year will satisfy the requirement?

Re: CISSP: Group B credits

Early_Adopter — Tue, 19 Dec 2017 01:06:52 GMT

That's correct, yes.

Group B just gives you a wider pool of learning/activities to select from.

Also - 'All work and no play makes x/y a dull boy/girl.' Its nice to be cross functional, no one ever accuses ISC2 of being over specialized, but depth of interest is good.

Here's the table from the PDF, operator is OR. Not the lower annual requirement in group A(group A has a need for every year) plus you have an option to do a lot of the A+B in over the three years(I sat the CISSP twice as I couldn't be bothered to submit CPEs so let it lapse - my advice is not to do that as it's expensive compared to record keeping).

Re: CISSP: Group B credits

Alec — Tue, 19 Dec 2017 01:19:16 GMT

I think you posted an old version of the requirements, here's the current breakdown.

Re: CISSP: Group B credits

Early_Adopter — Tue, 19 Dec 2017 01:25:47 GMT

Thanks Alec, Sorry so I did, here's what I meant to post -the annual requirement for A was upped - presumably to stop CPE rushes in year three:

Re: CISSP: Group B credits

Alec — Tue, 19 Dec 2017 01:28:20 GMT

One more question - CPE rollovers. Here's what the section Rollover CPE Credits says:

"CPE rollover credits are limited to the total CPEs required each year. For example, CISSPs will only be able to roll over up to 40 Group A credits earned in the last 6 months of your three year certification cycle. CPEs do not rollover from cycle year to cycle year. Rollover CPEs are calculate at the time of renewal."

Does that mean I can only earn extra CPEs within the last 6 months of the 3d year? Should I really limit my CPE accrual to 40 credits within years 1 and 2 of each certification cycle because I would lose any extra CPEs anyway?

Re: CISSP: Group B credits

Early_Adopter — Tue, 19 Dec 2017 01:45:05 GMT

I take it to mean extra CPEs *ONLY* in the last 6 months of the 3d year of the certification cycle.

I would say that you'll already be earning more than you need, so I wouldn't limit its just a case of writing it up.

I would also recommend having some slack as hedge as well. It's better to have more than you need so that if you do get audited you don't have to remember what you did potentially 2-3 years ago to map activities to CPEs.

If I was an auditor, I might well choose audit those with the minimum CPE counts - especially if I saw some of these were in year one B Group for "The Applied Philosophy of Poodle Grooming"... 😉

Re: CISSP: Group B credits

Alec — Tue, 19 Dec 2017 01:51:21 GMT

Makes sense, and thanks for the poodle grooming example - I will make sure to stay focused and not deviate! 🙂

Re: CISSP: Group B credits

amandavanceISC2 — Tue, 19 Dec 2017 17:38:51 GMT

@Alec Congratulations on obtaining your CISSP and welcome to the (ISC)² family! These are great questions and answers from @Badfilemagic and @Early_Adopter! I wanted to introduce myself. My name is Amanda Vance and I work on the Member Support team at (ISC)². If anyone has any questions and would like to contact me, please feel free. If you would prefer to contact me directly, I have listed my contact information below.

Best Regards,

Amanda Vance

avance@isc2.org

Re: CISSP: Group B credits

Alec — Tue, 19 Dec 2017 17:59:23 GMT

Thank you, Amanda! I will certainly keep your contact info handy in case I have more questions!

Regarding my last question about CPE rollover: could you confirm if my understanding is correct that I can earn no more than 40 credits in each of the years 1 and 2 and no more than 80 in the 3d year without "losing" any credits above these limits?

Re: CISSP: Group B credits

amandavanceISC2 — Tue, 19 Dec 2017 19:45:35 GMT

@Alec I will be happy to clarify the CPE rollover policy.

It is true that the CPEs do not rollover from year to year, so if you get 50 for year 1, the 10 extra CPEs will not rollover into the year 2 requirements. However, these extra CPEs do count towards your three-year CPE requirement (120 total with at least 90 being Group A). Once you submit the required 120 CPEs, up to 40 Group A CPEs that you earn in the last 6 months (in excess to the 120) can be rolled over into year 1 of the new three-year cycle.

Even though, the CPEs do not rollover from year to year, I would recommend to still submit them if you have them. There are times that members are not able to meet their annual CPE requirements, so if you have extra in one year that are adding to the three-year total, that will help you so you don't fall behind.

I hope this helps answer your question.

Best - Amanda Vance

Re: CISSP: Group B credits

nagarajan — Thu, 21 Dec 2017 05:06:09 GMT

Hi Alec,

You can submit the following for credits towards Group B:

1. Any technical training and certification.

2. Publication of book on technology/security.

3. Any blog that you published.

4. NON tech training such as : ITIL, PMP, AGILE, SCRUM etc.

Cheers,

Raj

Re: CISSP: Group B credits

Alec — Thu, 21 Dec 2017 20:19:24 GMT

Thanks Raj, this is good to know.

Initially I was under impression I must earn 10 Group B credits, but now that I learned it's actually "either A or B" the pressure is off! I think there are much more clear ways to earn Group A than Group B credits and this is good.

Re: CISSP: Group B credits

Alec — Thu, 21 Dec 2017 21:02:20 GMT

Thanks @amandavanceISC2, this is certainly helpful. I'm still a bit confused about the treatment of extra credits - so they don't rollover to the next year, but are considered in the total required 3-year count. Using your example, if I earned 50 credits in year 1, 30 credits in year 2 and 40 credits in year 3 would this satisfy the renewal requirements? How about this scenario: 50 in year 1 + 50 in year 2 + 20 in year 3?

Re: CISSP: Group B credits

amandavanceISC2 — Fri, 22 Dec 2017 13:06:42 GMT

@Alec that is correct! At this time, we are not currently enforcing the suspension policy, so as long as members are meeting the three-year CPE and AMF requirements, they will not be penalized if they do not meet the annual CPE requirement of 40 a year. This means that (per your example), if in year 1 you submit 50 CPEs, year 2 you submit 30 and year 3 your submit 40, you will end up with a total of 120 CPEs (three-year CPE requirement). Do keep in mind that at least 90 of the 120 have to be domain related activities (Group A). The other 30 can be Group A or Group B, or a mixture of both. Please feel free to call me directly if you think it might be easier explained over the phone.

Best Regards,

Amanda Vance

727-493-3579

Re: CISSP: Group B credits

Alec — Fri, 22 Dec 2017 19:58:38 GMT

Thank you, Amanda!

Re: CISSP: Group B credits

vasantpatel — Thu, 08 Mar 2018 01:31:04 GMT

Hi Amanda,

Its kIndia confusing. Here is the sample scenario, the membership cycle is from feb to jan.

- First year 2017 say I earned 50 cpe, all in group A, the extra 10 was in November 2017, same group.

- Second year 2018 say I earned 30 cpe before june-July and then 10 after august 2018, all in group A.

- Third year 2019, I only earned 30 cpe before jul-aug or before December, all in group A.

So total I earned 120 anyway, is this doable?

On isc2 website it was indicated somewhere that as long as you earn your extra cpe in second half of year means last 6 months of your cycle you will be able to roll over those extra cpe.

Please clarify.