Re: Additional Non-CISSP Path to ISSAP, ISSEP and ... - Page 5

AndreaMoore · ‎10-23-2023

ISC2 has introduced an additional path to earning

the ISSAP, ISSEP and ISSMP certifications. This new path removes the CISSP as a requirement, while recognizing seven years of relevant experience as a qualifying factor in earning the ISSAP, ISSEP or ISSMP.

There are now two ways to earn and maintain these specialized, role-based certifications. Learn more at ISC2 Insights: https://www.isc2.org/Insights/2023/10/Additional-Non-CISSP-Path-to-ISSAP-ISSEP-and-ISSMP-Certificati...

ISC2 Community Manager

D-manstewart

So for me as a member I'm a bit late to do the party, but reading through the 4 pages of comments I kind of get the drift of people believing it is cheating the CISSP it self and should have been communicated more clearly with members instead of just through posts. This is where I think ISC2 can do a better job of using people who are well known and vetted in the space to share information. Similar to how brands use content creators to get the word out about new products.

All that aside my issue is with the concentrations being separated from the CISSP as an alternative path, gives way to issues with them renewing the CISSP. I passed the CISSP in 2022 and decided to get my CISSP-ISSEP this past September ( and officially got the accreditation today 11-04-2024 ) it doesn't renew the CISSP which is kind of wild because now after all this time, I'm either going to have to take CISSP again OR get some cert in-the next 3 months because the "concentrations" don't recertify the base CISSP cert.

So instead of searching through or downloading some ultimate CISSP guide, if you have a CISSP in good standing and take a concentration why did the decision ultimately take place to remove them and and not renew the CISSP ? And is there any path or credits given towards the base CISSP ?

nkeaton

I would have to look it up and have never done it on my exams, but I believe that you might be able to claim up to 40 hours of study time for a certification on the ISC2 list. I earned my ISSEP last year and ISSMP this year. I had plenty of CPEs and have never claimed study time. The only organization that I know of for sure that just renews certifications if pass higher ones is CompTIA, and ISC2 is much better than them in recognition and respect. Hope that you work it out. Definitely read the NIST documents for the ISSEP. I did see announcements on the concentrations being able to stand on their own. BrightTalk has informational webinars on those changes. I might suggest that you concentrate on ISC2 BrightTalk webinars as if give your member #, ISC2 applies your CPEs automatically. This also means that they are not subject to audit. I think is a great way to get CPEs and keep current.

Steve-Wilme

You can probably use the study for the ISSEP as a proportion of your CPEs for the CISSP if it hasn't already expired or your in the grace period post expiry.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS

Steve-Wilme

You can claim a reasonable amount of study time as CPEs. To give an idea, I did the ISSMP and claimed maybe 20 hours, then the ISSAP and claimed maybe a similar amount. The evidence I used was that I'd actually passed the exams, as you'd be unlikely to pass without doing at least some study. Last cycle I used the CCSK study as part of my CPEs. That's a pretty straight forward exam about cloud, so if you're 10 or 15 hours adrift on your CPE total may be worth looking at. Again the cert is good evidence that you've done the study.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS

Additional Non-CISSP Path to ISSAP, ISSEP and ISSMP Certification