I am sure my question is been asked several times in other posts but I really want to hit the bullseye here by knowing e.g. if one has Zero CPEs in the first year and then the cert holder completes a few in the second year and the remaining in the final year, in such case still he/she is compliant with ISC2 CPE policies and there is no such thing as minimum annual CPE requirement for the CISSP?
Below is the status of my CPE's so far. The handbook suggested and required CPEs has caused some confusion.
It is suggested, and recommended that a person get the advised amount of CPE per year as to spread out the time and effort required to get the CPEs, but people are not required to do it that way. Some people do things like the ISC2 security congress every year or other events and get a bunch of CPEs at one time, others do them all near the end of their three year cycle, but sometimes things come up, like COVID and events and other things get cancelled leaving these people in a bind because the normal ways they got their CPEs were not available. Personally, I tend to get my CPEs in during the first year or two of the cycle so I don't need to worry about it. Another thing to consider is that if you have more CPEs than needed, anything over the required amount earned in the last 6 months of the three year cycle roll-over to the next three year cycle so you get a jump on the next cycle.
I hope that all made sense, after all it is a pre-coffee post!
John-
@JKWiniger is correct and has really good points.
From the handbook (bolding is mine for emphasis):
https://www.isc2.org/-/media/ISC2/Certifications/CPE/CPE---Handbook.ashx
Certified (ISC)2 members are required to earn and submit Continuing Professional Education (CPE) credits during their three-year certification cycle. The total number of CPE credits earned within a three-year cycle must add up to the minimum CPE credits required during a three-year certification cycle. (ISC)2 has a suggested annual minimum to help balance maintaining your certification.
There are many discussions in this CPE Opportunities board on how to earn CPEs. Here is a recent one: https://community.isc2.org/t5/CPE-Opportunities/Best-FREE-CPE-Oppurtunities-Is-there-a-ISC2-Archive-...
(ISC)² has always had and continues to have a 3-year requirement.
Effective with the Jan, 2015 CPE Handbook , (ISC)² additionally implemented an annual requirement (33% each year of your cycle). There was lots of blow-back, resulting in (ISC)² changing it to an annual recommendation effective with the Nov, 2017 CPE Handbook.
I mention this to head-off potential confusion with historical references.
I'd note that there is a common misunderstanding amongst members that it is required to attend a conference or training in order to gain CPEs. Aligned with the new reality of Work from Home and remote conferences, watching videos from conferences is a free and readily available means of gaining CPEs that erases economic and geographic barriers to members. I'd note, in particular, the compendium of online conference videos that has been compiled by Adrian Crenshaw at https://irongeek.com
When I was a board member around 2011, I had heard the lament by members about lack of CPEs, so starting posting a crazy amount of CPEs on Twitter.
Since then, I have published a daily collection of CPEs you, can earn online, via the "Virtual Security Conference" which I've published for more than a decade, with daily webinars, podcasts, videos, etc. - here is yesterday's: https://paper.li/SecWonk/1380860351?pub_id=9b621d01-d3c0-4833-b25e-75065634a868
and today's https://paper.li/SecWonk/1380860351?pub_id=d588b295-88d1-45b2-a62b-57c45e063a90
I get no money for this, I do it for community.
I also posted several years to Twitter, search for #CPE4Free and #CPEs4Free. I posted more than 10,000 CPEs.
If you can find 40 minutes a week for watching videos, you can bang out 40 CPEs in a year, no problem.
-ddh