Hi,
I was just CISSP certified. I have 3 questions that need your help please:
(1) I am taking a class in Feb 2024 for CISM, which is 32 hours in total. Can I claim 32-hours CPE for this?
(2) Assuming I already have 20 hours CPE this year, will it be counted as well, making it a total of 32 + 20 = 52 CPEs?
(3) Assuming that I am attending three 40-hours courses this year, can I claim for 120-hours CPE this year, after which there is no need for me to get any more CPE for year 2 and 3?
Thanks in advance.
You are best to contact (ISC)2 at membersupport@isc2.org.
Here is a link to the CPE guide:
You make a number of assumptions that I do not believe are valid.
On point no. 2, did you accumulate the CPEs prior to or after being certified? That may affect the counting.
On point no. 3, read the manual, you must accumulate a specific number of CPEs per year so, I don't think once and done will work.
Member Support are the best folks to help you on this one.
d
PS: Congrats on passing the exam.
@dcontesti wrote:
...you must accumulate a specific number of CPEs per year...
This changed awhile ago, after ISC2 caught enough grief. It is now a "Suggested Annual" for members and "Required Annual" for associates (see page 5).
Hi @biteth ! So, this isn't an official answer, but I can help you... I hold both CISSP and CISM.
(1) As I understand the CPE guidelines, absolutely, a CISM course lasting 32 hours should provide for 32 hours of CPE credits for your CISSP, since there is overlap of the concentrations. Note that ISACA counts their CPEs slightly differently.
(2) Yes, if you already have 20 CPEs this year, and do 32 more, you'll have 52 this year.
(3) You can see the ISC2 Certification Maintenance Policy Member Policies (isc2.org) , and CPE Handbook CPE-Handbook-2023.pdf (isc2.org) here for specific guidelines and requirements.
I'd recommend making sure you're getting at least 40 each year to keep current - certainly Gen-AI security, digital ethics, phishing-resistant MFA/passwordless, TTPs and cloud security are evolving at a rapid pace, and worthy of attention.
I'd encourage you to track monthly, that's been a big help to me over the years. Whenever I'm doing a monthly/bi-monthly status report or submission of time, I also record my CPEs (and include that in the status report). That really helps to ensure you're capturing them all. I've found that when I include vendor demos, blogging, watching InfoSec videos, ISC2 /ISSA /ISACA /TOOOL & Locksport /OWASP chapter meetings that it's very easy to bang out those 40.
Well done on continuing your journey, and I wish you best of luck on the CISM exam!
@denbesten I have been working with old knowledge. I personally prefer gaining them each year so that I stay current.
Thanks for letting me know.
d