Passed CCSP today. I seem to recall something about being able self-endorse since I have a CISSP already. Is this the case or do I need to get another person to endorse my experience...again?
If it works like the CISSP concentrations there's no further endorsement needed if you already hold the CISSP.
I would like to recommend that no need to endorse because you have already done CISSP.
It is better to refer to the relevant FAQ, rather than speculating.... Endorsement is required.
In answer to @PaulNewton's question, the endorsement must come from a CCSP, not a CISSP, so self-endorsement is not possible.
Q:Do I need to have an endorser for the CCSP if I already hold the CISSP?
A:Yes. Your CISSP certification will waive the experience requirements, but you must still be endorsed by a member in good standing for the CCSP certification. (ISC)² can act as your endorser if needed. [cite]
ah okay, I'm tracking now. Thank you for the clarification.
For the record, because I got my CCSP a few years ago. You do need an endorsement but if you have a CISSP the ISC2 will endorse you. It might sound like an odd work around but basically if you were already endorsed for the CISSP they have you covered...
John-
@AndreaMoore please forward to the appropriate party within (ISC)².
The FAQ (https://www.isc2.org/Frequently-Asked-Questions) has two seemingly contradictory answers. The first (below) implies that a CISSP can endorse a CCSP, which also aligns with the Apply for Certification instructions.
The second one, however directly states that it must be a CCSP that endorses a CCSP. If the CCSP is truly unique in this way, it ought to be clearly called out on the "Apply for Certification" page; if not, the FAQ needs an update.
It might also be helpful to explicitly include in the FAQ if and under what conditions a member-in-good-standing is permitted to self-endorse. This comes up frequently.
----------------
Can I be related to, or married to, my endorser?
Do I need to have an endorser for the CCSP if I already hold the CISSP?
-----------------
From the Apply for Certification instructions:
.... you will be required to provide an endorser – another (ISC)²-certified professional in good standing – who can attest to your experience. If you do not know another (ISC)²-certified professional, you can opt for (ISC)² to endorse you.
EDIT: rereading, it appears that much of this confusion may come from ambiguous wording. The second answer can be interpreted in two ways:
Thanks for all the input, everyone! We'll review the FAQ page and see if changes need to be made to the language.
To clarify, the experience requirements and the endorsement by another certified member are two pieces of the process. Both are required for all (ISC)² certifications, except for the CC which doesn't require either.
I agree that they need an endorsement. I do not think the endorsee must be a CCSP. I think any ISC2 cert holder in good standing should be able to endorse.
@SalPortaro wrote:I do not think the endorsee must be a CCSP. I think any ISC2 cert holder in good standing should be able to endorse.
I too suspect that is the case, but official FAQ can be read that it must be a CCSP -- especially due the lack of a comma before the "for". Until the ambiguity is resolved, the least-risk action is to have either (ISC)² or a CCSP endorse because it does not introduce the potential for self-dealing accusations.
The original question was if PaulNewman can endorse himself since he is a currently a CISSP holder and presumably in good standing. The FAQ is silent on that, although it does explicitly allow what one might consider nepotism, implying that conflicts of interest is not a concern and therefore that self-endorsement may well be OK. But once again that is not the least-risk approach.
When it comes to rules like this, I don't like hearsay or individual interpretation of the rules. Instead, I prefer the rules be clear and unambiguous, so there is no question about which side of the ethics one is landing on. Hence my earlier suggestion that the FAQ verbiage be clarified.