cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CraginS
Defender I

CPE Questions: Read This First!

Before asking a question in the forum on what counts as a CPE, whether a specific activity can count as CPE, or how many you need, PLEASE read the current 2020 edition of the CPE Handbook to start your effort. We all need to know the information in the handbook to maintain our certifications.

 

If you still need help for your question, start a new thread in CPE Opportunities (not a reply to this one) [edited 8/29/20 to change to new Forum area on CPE] , use an informative Subject that will let staff and members know your problem, and cite the section or paragraph in the handbook that is confusing you. [Edited 4/6/2020 to add this paragraph]

 

If you are unsure what documents you need support a CPE submission, either initially or in audit, check the handbook first. If you do not see clear guidance there, then ask yourself what you would accept if you were performing a due process audit of someone else's claim for that activity or event.  [Edited 4/18/2020 to add this paragraph]

 

(Obviously, problems with the CPE reporting site do not fall under the handbook.)

 

Thanks to William @denbesten and Diana @dcontesti for spotting the announcement from Kaity @Kaity in the middle of another thread, and thanks to Kaity for pointing out the new edition there.

 

Kaity, please pin this new thread to the top of the Member Support.

 

<Rant> If a certified security professional is unable or unwilling to read the handbook to manage a career in the field, I question that individual's ability to understand and use the many technical and regulatory documents we all must use to do our jobs. Translation: Asking here before reading the rules makes me question whether I would recommend or hire that person.<Rant OFF>

 

Craig

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
17 Replies
zzptest
Newcomer I

Disappointing to see that there's still no mention of development or contributions to open source projects listed in the new handbook.

AlecTrevelyan
Community Champion


@zzptest wrote:

Disappointing to see that there's still no mention of development or contributions to open source projects listed in the new handbook.


The examples in the handbook are not exhaustive. There should be enough general guidance in there for people to be able to determine if any activities are eligible for CPEs, and, if so, what type and how many, even if those activities are not listed as specific examples.

 

Steve-Wilme
Advocate II

I'd have thought given possible restrictions on movement and potential cancellation of events in 2020 that reading the CPE guidance before seeking clarification if anything is unclear would make most sense.  Another useful tactic is to be ahead of the curve in the 3 year cycle so you're not struggling to find CPEs at the last minute, as that's really not the idea of continuing ...  

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Andreas_Haamann
Newcomer I

Thanks for pointing out to the new CPE guide! I still have some questions though, regarding chapter "Contributions to the profession", section "Create New Industry Knowledge", on page 15.

There is a differentiation between the activities of writing an article, worth up to 20 CPEs as author, and writing a white paper, worth up to 10 CPEs as author. All the other categories are pretty clear to me, however I have a hard time to distinguish these two.

Is article "simply" an security-related article that is published in a magazine of any kind? Or is it an article/paper in a peer-reviewed research journal? And how does a white paper correlate to those two? What are the differences? White paper implies kind of self-publication, similar to a blog post?

 

My gut feeling would say that article strictly implies an article in a peer-reviewed journal and alike (e.g. ACM, IEEE, etc.), considering the efforts with literature research and so on. Comparing that to a "simple" magazine article (InfoSec magazine? Smiley Wink Smiley Wink Smiley Wink ), the awarded CPEs seem to be a bit odd. However, I miss experience when it comes to writing magazine articles, maybe they involve more effort than I can imagine?

 

Thanks for the support!

CraginS
Defender I


@Andreas_Haamann wrote:

Thanks for pointing out to the new CPE guide! I still have some questions though, regarding chapter "Contributions to the profession", section "Create New Industry Knowledge", on page 15.

There is a differentiation between the activities of writing an article, worth up to 20 CPEs as author, and writing a white paper, worth up to 10 CPEs as author. All the other categories are pretty clear to me, however I have a hard time to distinguish these two.

Is article "simply" an security-related article that is published in a magazine of any kind? Or is it an article/paper in a peer-reviewed research journal? And how does a white paper correlate to those two? What are the differences? White paper implies kind of self-publication, similar to a blog post?

 

My gut feeling would say that article strictly implies an article in a peer-reviewed journal and alike (e.g. ACM, IEEE, etc.), considering the efforts with literature research and so on. Comparing that to a "simple" magazine article (InfoSec magazine? Smiley Wink Smiley Wink Smiley Wink ), the awarded CPEs seem to be a bit odd. However, I miss experience when it comes to writing magazine articles, maybe they involve more effort than I can imagine?

 

Thanks for the support!


 

Andreas,

You ask an excellent question, and one that likely should be addressed by staff clarification and in the next CPE Handbook update. I recommend you re-post this note as the first message in a new thread here in Member Support, with a title that all attract staff and members to read it. As a new thread, with informative Subject, you are more likely to get attention to your question. Consider "How are Article and White Paper Different? (p. 15)"

 

 

Because of your note here, I realized the importance of each question needing direct attention, so I edited my starter message above to suggest new threads.

 

Next, here is my personal opinion on a possible useful distinction between an article and a white paper. An article has to have been actually published (not simply submitted) by an external web site or print publication, not affiliated with the author or the author's employer, subject to editor and preferably peer review prior to publication. A white paper is an informative paper released in electronic or print form directly by the author or the author's employer, without review and approval by an external editor. Your suggestion that a blog post might be a white paper is a grey area, given the length of most blog posts (including my own). I would expect a white paper to have more length and depth than most blog posts.

[If you repost your  question in a fresh thread, I will reply with a version of the above paragraph there, too.]

 

Good work, Andreas; I appreciate your understanding and application fo the ideas in this thread!.

 

 

Best regards,

Craig

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
AndreaMoore
Community Manager

The new CPE portal is live. Here is a description of the updates you should see. 

 

https://community.isc2.org/t5/Tech-Talk/Try-the-New-CPE-Portal/m-p/34503/thread-id/2537 

 

 




ISC2 Community Manager
Ben_Malisow
Contributor II

Thanks, Dr. Cragin. I think what a lot of members have trouble with (especially new members) are the questions that have been asked dozens of times and never addressed (and still aren't, in the 2020 guidance). Such as: what possible documentation can I present if I'm earning CPEs by listening to podcasts? How is that auditable?

 

And similar issues.

Steve-Wilme
Advocate II

Ben,

 

It can be difficult to evidence CPEs if you're audited, but generally the audits are reasonable.  

 

It may not be relevant for now given lockdowns, but events that you've attended in person allow for a much easier presentation of evidence, such as, your invite, tickets to travel to the event, the agenda, badge to get entry, notes of thanks from the organiser etc.  And failing all that you can provide a written summary of every presentation/session you attended from your notes and suggest a contact that these could be validated through.  Otherwise using services that create an audit trail, such as, BrightTalk webinars and similar is a reliable way to get your CPEs.

 

 

 

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Ben_Malisow
Contributor II

Thanks, Steve. That all sounds great...again, the only real issue is self-study that has no paper trail (reading a book, listening to a podcast, etc.). The guidance suggests that maybe you have to write a report on what you learned from the content...but that seems more for books than podcasts.

 

We'll see. I hope I'm not inviting an audit! heh.