cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Bryan787
Newcomer I

CCSP Endorsement Time

I submitted my CCSP Endorsement on 9 Feb 2018, and was self-endorsed as I am a CISSP. I am pretty impressed that the whole endorsement process is fully automated, which is quick and easy to use (Good Job ISC2!).

 

However, it has been a month since my submission and there are no news about it yet. I do not mind waiting, but I would think that by automating the process and since it is a self endorsement for this case, the waiting time would have been slightly shorter than compared to other certifications.

 

Have a great day ahead. 

 

Cheers.

37 Replies
StephanB
Newcomer II

It's all good! I don't know if all these required manual steps by isc2's staff or not. I assumed it would all happen automatically after getting the award email. It took a few more days but it's all good now.
Thanks for reaching out.
ramadji
Newcomer II

Hello (ISC)²,

Even though this thread is several months old, I'm in the same situation.

I passed the CCSP on July 12th and submitted my endorsement on August 9th. I'm still waiting to hear from (ISC)². My endorsement is listed on the endorsement portal as being with the endorser so I'm not sure what is left to do. Is it still in the queue? It has been more than six (6) weeks now. Could you look into this for me?

 

Thank you in advance. 

 

Ramadji D.
M.Sc., CISSP, CISM, CCSP
amandavanceISC2
Moderator

@ramadji Thank you for your post. Please note, if the endorsement says it's with your endorser, that means the endorser has not approved your endorsement and (ISC)² does not yet have it. Once your endorser approves your application, you will receive a confirmation email that (ISC)² has received it and to allow up to 6 weeks for processing from that date. Please contact your endorser and provide them with the instructions below to locate your endorsement. 

 

1. Log into your (ISC)² profile

2. Hover over the 'Certifications' tab

3. Click "Endorsement"

4. Click hyperlink in first sentence, 'Online Endorsement Application'

5. Scroll to the bottom of the page. You will see a pending endorsement

 

Best Regards,

Amanda Vance

ramadji
Newcomer II

Hi Amanda,

Thank you for your feedback.

Much appreciated.

Ramadji

Ramadji D.
M.Sc., CISSP, CISM, CCSP
ramadji
Newcomer II

Hello,

Just a quick message to say that after several months of patience, I finally heard from the (ISC)2 last Dec. 5th and I'm now a CCSP. It's a great feeling. Next target: the CISSP.

Thank you.

 

Ramadji

 

Ramadji D.
M.Sc., CISSP, CISM, CCSP
johnson1
Viewer III

Good for you.  Congratulations on passing the CCSP.

 

I passed the CCSP exam on 15 October 2018.  I submitted my endorsement application on the same day.  As I already hold the CISSP credential one would expect the process to be much quicker and easier.

 

It is now 8 weeks later (not 6 weeks) and I am STILL waiting to hear from ISC2.  The last time I checked the status on line "The endorsement application has been received but processing has not yet started".  I am completely sick of seeing this message.  I am now wondering whether I will hear anything from ISC2 this side of Christmas.

 

Any kind of update would be nice ISC2!

amandavanceISC2
Moderator

@johnson1 Thank you for your inquiry. Please note, the 8 weeks does not include weekends or holidays (Thanksgiving in the U.S.). If your endorser approved your application on the dame date and October 15, 2018 is the true date (ISC)² received your endorsement, you should be hearing back very soon (within a week or two).

 

Best Regards,

Amanda

denbesten
Community Champion

 

I'm not trying to throw stones, but it seems obvious that the backlog is trending in the wrong direction.  Rather than "waiting it out", it might be more effective to:

  • Streamline the process.  E.g. eliminate the endorsement requirement when one already has a certification that is more advanced (CISSP earns a CCSP or SSCP) or equivalent (Sec+ earns SSCP).
  • Outsource  menial steps to free up internal resources. E.g. hire a fulfillment house to print and mail physical certificates.
  • Hire temporary staffing when the backlog exceeds par.
  • Parallelize efforts. E.g. allow one to submit endorsement after they pay for the test, rather than waiting till they have passed the test.
  • Manage expectations.  Regularly post the current backlog and/or provide an automated status mechanism ("The next available rep will be with you shortly. You are currently 278th in line.  Your wait is estimated to be 21 business days." Smiley LOL ). 

For reference:

The normal wait is 4-6 weeks.

May 15, it was observed that the wait was 4 weeks, 3 days.

On Nov 1, it was observed that the wait was 7 weeks, 2 days.

On Nov 20, it is being reported the wait was 6-8 weeks. 

On Dec 7, it was observed the wait was 8 weeks 5 days.

On Dec 12, @johnson1 observed that he is at exactly 8 weeks, 2 days (inclusive of 2 holidays) and still waiting.

On Dec 12, it is being reported that one needs to wait a week or two beyond 8 weeks, implying that the backlog is now 9-10 weeks.

CyberLead
Newcomer III

Originally, I believed that the 6 week timeframe is the current norm. I'm a CISSP and passed my CCSP exam on October 23rd, 2018. Upon receiving the test result confirmation email the next day, I immediately submitted the endorsement info. That's largely automated now, and it picked up my CISSP as meeting the experience requirements for the CCSP.
 
That email said to expect a 6 week turn-around, however the webpage wherein I submitted my endorsement stated that it was taking approximately 8 weeks, as others have seen. I originally thought that the Thanksgiving and Christmas holidays here in the U.S. could prolong it. Accordingly, it's not surprising me that it could take even longer (because it is now longer) and this proves that (ISC)2's expected time frames (first 6 weeks, then 8, now obviously something else) aren't valid, even as rough estimates.  

 


The leadership at (ISC)2 must understand the real cost of a continuing problem of this magnitude; their credibility on this subject is gone. A loss of credibility with your customers is very expensive, and difficult to recover from.

 

Ask any organization that's had a data breach.

 

They'd have more credibility with me if that admitted that they made a mistake in not implementing a system that can cope with an increase of endorsement requests, after years of successfully marketing their products. Then they would follow that by ceasing to provide meaningless time frames and admit that they really have no idea how long it will take.

 

Everyone makes mistakes, and most people are forgiving of them.  In order to gain that forgiveness, they have to come clean with their customers and explain how they made their mistake(s) and - just as importantly - how they're going about fixing things.

 

If they're having trouble fixing it, they need to open up and solicit solutions. The membership includes many of the "smartest people in the room," so by socializing the issues, the constraints, and the poor decisions, they'd be able to tap into a large body of knowledge.  Many of us have offered up solutions, but we're doing so largely in ignorance of the root cause of the problem, because (ISC)2 hasn't informed us.  This is not something to be embarrassed or ashamed of.  This is a "teachable moment" that we can all benefit from. Instead, they've chosen to offer up invalid estimates, and stay silent on the root cause.

 


I can't speak for anyone else, but I've heard nothing, not even the "status email" that others have referred to. A couple of days ago I sent an email to customer support, but didn't receive a reply yet.  In fairness to them, I sent it mid-day on a Friday (and I'm in the same time zone as their U.S. Florida office) so there may not have been enough hours in the workday to reply.  I wanted to wait until I was clearly beyond the 8 week window, so as not to delay things even more with email traffic.


 

On one hand, the idea of waiting 2 (or perhaps 3) months to get through the endorsement, when (ISC)2 knows that a candidate has met the requirements with a current CISSP and a passing exam score, is frustrating, but not necessarily harmful, if it is well-socialized that such delays are par for the course.

 


However, on the other hand, (ISC)2 should understand that their inefficiency can jeopardize a customer's financial standing.  Some companies want to "close the books" on expense reports at the end of the year.  In those organizations, if an employee does not submit the expense report by the end of the fiscal year (with verifiable proof that they've attained the certification the company is reimbursing for) the company may not reimburse. If the employee paid out of pocket, expecting that (ISC)2 would turn things around quickly enough to meet his or her company's requirements, they were in for a rude awakening and probably look none too kindly upon (ISC)2's inefficiencies.


 

Yes, some might say that company deserves part of the blame; that they should change their policies and processes to accommodate a situation beyond the employee's control, but private companies are free to make their own choices with this, if they reimburse at all.  I've worked for others that say an expense report must be submitted within 30 days of incurring the expense, and similar policies.  In that world, reimbursement is not possible with (ISC)2's current model, so folks working for those companies will absorb the full cost if they pursue a certification. I do not blame the business because they have to manage their finances and expenditures, even if it is an employee "benefit" to get reimbursed in pursuing professional development.  That is a subject worthy of it own discussion elsewhere on the community.


 

Considering that many candidates attend a boot camp type training class that may cost several thousand dollars (USD) and may pay several hundred more for the exam, the employee's monetary outlay is not insignificant. The more customers that have to bear that cost alone, means that over time (ISC)2 may lose customers.

 

Think about that as an incentive to become more efficient.


 

(ISC)2 may be a non-profit organization, but it is still a "business" with customers and competition.  Like any business, it must listen to the "voice of the customer," and constantly find ways to show that it is the best choice among the competition.  This forum, and similar postings elsewhere, show that the delay has become a widespread problem and is worsening.

 

(ISC)2 occasionally comments here, showing that they are listening to the voice of the customer, but in those replies I'm not seeing the moderators announce the steps the organization is taking to implement a long-term solution to what will surely be a long-term problem. As others have noted, solutions abound, but their practicality is unknown, since we still haven't been made privy to the root cause.


 


Organizations that face little, or no, competition are typically the least inclined to innovate.  The competitive model is skewed in this industry, because each of the competitors offers its own certifications, and, while there may be some measure of equivalency, they are not equal.  Nor are they equally desirable, so there is a certain amount of "vendor lock-in" wherein a company or government contract may require a specific certification, with no alternatives.  The candidate employee - (ISC)2's customer - has no choice but to purchase (ISC)2's product, if they want the job.


 

As for me personally, I already have a job, and I have now completely absorbed the cost of materials, training, the test, the airfare, the hotel, and other travel expenses.  I did it because I see at least two areas of value:


 

  • The first is the return on investment I made by paying out of pocket for the training I took, and the materials I purchased to prepare for the exam.  That return manifests in the knowledge I apply as I strive to do more to protect my government client.  That is a very good thing for them, the country, and ultimately for the world, as we are all better able to protect ourselves from the malicious actors; for they pose an international threat.


 

  • The second return on investment is purely selfish; it would be the ability to state that I am now a Certified Cloud Security Professional, and it would enhance the broad areas of knowledge demonstrated with my other certifications.  For that, after more than two months, I have received no return on my investment.


 

If anyone from (ISC)2 responds to this, kindly understand that I'm no longer looking for you to tell me when my certificate will be awarded.  Quite bluntly, the organization has lost considerable credibility among members like me that have proof that the previously announced expected wait times were meaningless.  No, if you respond, I'd like to know what concrete steps (ISC)2 is taking to solve this problem.  That would have meaning, and if you follow through on it, this would go a long way toward restoring your credibility.


Lloyd Diernisse

ISC2 Authorized Instructor and Learning Tree International Certified Instructor
Lean Six Sigma Black Belt | CISSP-ISSMP | CCSP | CGRC | PMP | CSM | CMMI-A | ITIL-Fv3
AlecTrevelyan
Community Champion

I totally understand your frustrations, CyberLead. I went through this exact same process 2 months ago and posted about my own frustrations in the main endorsement thread over in the certifications subforum making many of the same points you have:

 

https://community.isc2.org/t5/Certifications/CISSP-Endorsement-Wait/td-p/15458

 

The original post in that thread mentions the endorsement delays were due to a system upgrade, something which was stated in the email the thread starter received from ISC2. It's later said in that thread the endorsement queue was suspended for 2 weeks during the upgrade hence the change from 6 to 8 weeks. The story later changed to the cause of the delays being down to a high volume of applicants.

 

It's worth noting the emails that are being sent out to new applicants still state 8 weeks even now (I received an email saying exactly that just 3 days ago), despite it being widely regarded the queue is running at close to 9 weeks and will likely be 10 weeks for recent or new applicants due to the holiday season, so expectations are not being managed appropriately.

 

As I opined in that other thread, I see the issues with the endorsement process as being the same as, or related to, all the issues with the member portal and CPE submission system. They were all "upgraded" and reliability and some functionality went south!

 

All the posts I've seen from the admins on the subject say that fixes are coming in 2019, but no details have been provided beyond that.