cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CraginS
Defender I

Are Officers & Board Members Required to Monitor The Community?

It is very gratifying to know that (ISC)2 CEO @david-shearer keeps an eye on the Community discussions here. Thank you, David.

 

Is it an operational requirement that all officers and board members also do so? If not, I recommend the Board make it a standard policy and actual practice. Board awareness of member concerns, questions, and problems will benefit us all. And it should NOT be based on a headquarters staff member preparing a summary report for the officers and board members. Such filtering done by a staff member opens the likelihood of self-protection censoring by the staff in the US versus THEM quandary I discussed in a separate post here on Member Support versus Customer Support

 

The best example of the need for such focus is the current mess that is the terrible CPE portal, with no reasonable correction in sight, and an attitude expressed by (ISC)2 staff in the responses here of "don't bother us; we'll have it fixed in a year or so." 

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
17 Replies
denbesten
Community Champion


@Shannon wrote:

 

[After Jack's] new cycle begins,... he happens to be selected for an audit, and it's found that he falls short of the CPE cycle requirements. 

Regarding hypothetical Jack, this can happen even independent of the portal's shortcomings.  This border case ought to be spelled out in  the handbook.  My recommendation is that if one were to posthumously fail an audit, they be granted a 90 day grace period to "re-earn" the necessary CPEs, mimicking the timing for other portions of the audit process.

 

That said, hypothetical Jack can completely and efficiently avoid the problem by leveraging the rollover process.  CPEs earned beyond the required 120 are rolled into your next cycle (see page 11 of the handbook for important limits).  Had Jack recorded 130, The extra 10 would have covered his audit-loss. If not needed, they become a head-start on the next cycle. 

Shannon
Community Champion

 


@denbesten wrote:

Regarding hypothetical Jack, this can happen even independent of the portal's shortcomings.  This border case ought to be spelled out in  the handbook.  My recommendation is that if one were to posthumously fail an audit, they be granted a 90 day grace period to "re-earn" the necessary CPEs, mimicking the timing for other portions of the audit process.

 

 

 

 

The way I see it, the portal issues are a root cause here. I've seen CPEs get duplicated automatically and reported this to membersupport@isc2.org, who asked me to delete them manually. Finding them required tracking the CPEs --- an arduous task, thanks to the issues I mentioned earlier.

 

(ISC)2 can provide a grace period to re-earn the CPEs, as you recommended, but it would be a corrective action, so it won't suffice. A preventive action that addresses the portal issues is ultimately needed...

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
eparedes_214
ISC2 Team

Good morning Shannon,

 

All the concerns and recommendations you and other members have raised are well noted and taken into consideration.  We do acknowledge the challenges that our members are encountering on the various issues you've raised, and we are accountable for all this.  

 

In the hypothetical situation you've raised, please be assured that we do not terminate/decertify our members without fully investigating the whole situation.  We will make accommodations/exceptions where things fall off on our end, and members' fulfilling their requirements are compromised.  We are committed to resolving these issues in a consistent, fair and impartial way based on policies and guidelines we have in place. We recognize the hard work members put in to acquire/earn their certifications.  

 

If, for any reason, moving forward you feel that the support you're getting is inadequate, please do not hesitate to contact me.  I will make sure your concerns are heard and addressed.

 

Thank you again for your thoughts and input.

 

Beth

denbesten
Community Champion


@Shannon wrote:

 I've seen CPEs get duplicated automatically ... tracking the CPEs --- an arduous task....

Without question, decreased reporting visibility makes it much more arduous.  However, duplicate CPE entries have been an issue since long before the new portal was released. 

 

I suggest that the typical root cause is that the "submitted on behalf" process takes too long.  Oftentimes, members manually submit, believing that the process failed only to later discover that it was simply delayed.  With today's technology, we tend to expect that such actions are performed "real-time", not batched up for processing days later.

 


... a grace period... won't suffice. A preventive action ... is ultimately needed..


Given that there are many reasons for failing audit (e.g. the topic might not be applicable to the credential) and that any reason could cause a failure after the cycle has closed, I do feel there needs to be a defined/published process for rectifying posthumous audit failures.

 

Shannon
Community Champion

Dear Beth @eparedes_214,

 

 

The support from membersupport@isc2.org has been adequate, but I'd rather not have to ask for it so often.

 

Anyways, if their response isn't satisfactory, I will contact you. Thanks.

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Shannon
Community Champion


@denbesten wrote:

Given that there are many reasons for failing audit (e.g. the topic might not be applicable to the credential) and that any reason could cause a failure after the cycle has closed, I do feel there needs to be a defined/published process for rectifying posthumous audit failures.

 


I agree. Hopefully they have a process in place to deal with this, and if yes, publishing it will provide members with a good deal of assurance.

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
CraginS
Defender I

 

 


@gthompson wrote:

Hello Mr. Shelton, My name is Greg Thompson, I'm a member of the (ISC)2 board of directors. I've been involved as a volunteer with (ISC)2 for many years, first as a member of the North American Advisory Board, and now I'm in the middle of my second term as a board member. David Shearer passed along your feedback from this forum and I also read his response to you. 

 ...!

 

Best Regards

Greg Thompson CISSP

Member, (ISC)2 Board of Directors and Treasurer of (ISC)2

gthompson@isc2.org

 

 


Greg,

Thank you. This is great that you and David @david-shearerboth are engaging here.  Solid information and good perspective. 

Many of us hope to see continued involvement of officers and board here, just as you describe.

 

Oh, and be aware that communication of board members and candidates is a rising topic over in the BoD Election group.

 

Best regards, and thanks, again.

 

Cragin

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
gthompson
Newcomer II

Thanks Craigin! Communication is something that I think will always be a focus area because it's such a personal thing. We all consume information in different ways and we all have different strengths regarding our ability to convey a message. I am glad though that through forums like this we can engage in constructive dialogue! Cheers! Greg