@mcnj, in view of all this, perhaps you should ensure that you've met the minimal amount of CPEs using the sources provided on (ISC)2's site itself, and use other sources to supplement these.

@Shannon,

I suspect you are over-thinking this and causing yourself unnecessary stress.  Just earn a few extra CPEs (e.g. 10%) and rest easy knowing that you can afford to lose a few audits.

I have been audited on about 2% of my submissions.  Each has been for a single CPE submission and came within a month-ish of submission.  In all cases, I have (over) responded with three pieces of information and passed with no further follow-up.

1. Evidence that I attended, such as a screenshot, an email confirmation, a completion certificate, etc.
2. A copy of what caused me to believe it relates to one or more of the domains, such as the overview slide, the online description, etc.
3. A thank you and an offer to provide anything else they may need. 

Historically, I emailed the first two to myself to create a timestamp and so I could find the evidence if needed. With the "new" portal, I now attach them to each submission, with the hopes that my first auditor contact will include a declaration that I passed --- instead of asking for more detail.

The ultimate way to minimize both risk and effort is to enter month 31 of your cycle with 120 credits and finish month 36 with 160 credits.  This will leave you with 40 credits available to cover audit failures. If unneeded, they all end up rolling over to your next cycle, so no effort wasted.

---

@denbesten wrote:

@Shannon,

 

I suspect you are over-thinking this and causing yourself unnecessary stress.  Just earn a few extra CPEs (e.g. 10%) and rest easy knowing that you can afford to lose a few audits.

 

 

---

@denbesten, rest assured this isn't causing stress; I can rely on the politics I see at work for that... 

I maintain more than the required number of CPE credits, so even if there's an audit there is no possibility of inconveniences occurring. Like you said there's the roll-over, limited to 40 surplus CPEs earned in the last 6 months, & so there's no harm claiming CPEs, long as the minimal required is satisfied from verifed sources.

However, in case @mcnj ins't familiar with the caveats here, we're simply providing advice and clarifications.

Thanks for the replies everyone. I appreciate the assistance. I will continue doing what I'm doing 🙂

i have one more question on this.  When I've been entering these security-based CBT courses, I enter them under category "Education Course".  Is that correct?  Since I'm watching these courses online, wasn't sure if I should be using "Online webinars, podcasts and other online materials"

What do you all do for online courses like this, such as Cybrary

@mcnj That is a great question! Going forward, I would submit them under "Online webinar, podcast or other online training" as this is more for webinars and CBT. The category for "Education Course" is more for seminars.

Best Regards,
Amanda Vance

Hi Amanda,

Thanks for the quick reply!  That's great to know.  I'm assuming if I attended a course from company, such as Global Knowledge or SANS, I would list it under "Education Course"?

@mcnj Yes, you have it correct. Any courses that are class-room based would fall under "Education Course".

Best Regards,
Amanda