Is (ISC)2 membership a mandatory thing to earn it's certifications?
Since I've got certified for the first time with one of it's certification (CISSP) I needed this clarification.
As for as I know from my experience, Professional organizations like PMI, ASQ, ACCE, HIMSS etc, don't insist on the membership as mandatory requirement for getting their certifications. Of course being a member shall provide them with some privileges like reduced recertification fees, free educational resources/ webinars/ trainings/ meetings etc. (that's a different story !!!).
This is the first time I'm in a pitiable situation of unable to enjoy the hard earned certification in spite of:
1) Having paid a high certification exam fee of USD 824.82 (inclusive of taxes).
2) Putting all the best efforts & additional spending for study materials to pass.
3) Patiently waiting for 6 weeks for the endorsement process to complete.
In the eagerness to receive the certification even if I try to pay the AMF, there are lot of glitches in the online payment gateway. Due to this security vulnerability my bank(Citibank) is not willing to approve the online payment by card. It's ironic that for an International organization whose motto is "Inspiring a Safe and Secure Cyber World" these sort of security vulnerabilities doesn't seem to an issue at all !!!.
Thanks & Regards
Sathya
Hello Sathya,
I sent you a bit of information in a PM, but wanted to reply here in case others have similar questions.
Once you pass any (ISC)² exam, you have to meet certain work experience requirements (pass the endorsement process), pay your annual maintenance fee and agree to the Code of Ethics to become a full member. This is how you can claim your CISSP - or other certification - status.
If you don't have the necessary work experience yet, but still pay your AMF and agree to the Code of Ethics, you can become an Associate of (ISC)². Associates have all the benefits of (ISC)² membership - access to continuing education, webinars, discounts, etc. - but without the full certification status. Once they meet their work experience requirement, however, they become fully certified members.
For (ISC)², holding a certification and being a member are one and the same. It is not simply an exam you are passing, but as a member you are agreeing to hold up a Code of Ethics professionally, as well as continue to educate yourself and grow as a professional by meeting your Continuing Professional Education (CPE) requirements.
I understand that some exams or organizations are different and a test is a test and you get a certificate, but our certifications are different than certificates.
I hope this helps!
Hi Kaity,
Thank you for the response.
Whatever you mentioned in terms of the requirements like the educational qualification, work experience, agreeing to the code of professional ethics and maintaining the CPE credits for retaining the certification holds good for the other professional exams as well.
Why can't the eligibility be ascertained while applying for the certification exam?
Every candidate knows about the certification requirements and having got confirmed, he/she can complete the certification exam and get certified.
The random process of validating the eligibility claim can always go hand in hand.
What I'm trying to highlight before the learned community is that there is a standard that is to be followed.
I very well know the difference between a certificate and a certification having got several of them(both) !!!.
At the end of the day it's all about how we make the certification process more simpler, transparent and efficient.
Keeping our internal customers & stakeholders satisfied shall always pave way to achieve the strategic goal in a successful manner.
It's not about my way or no way !!!
Thanks & Regards
Sathya
@bmcoolguy wrote:Is (ISC)2 membership a mandatory thing to earn it's certifications?
Since I've got certified for the first time with one of it's certification (CISSP) I needed this clarification.
While someone gave a more direct answer, let me clarify a little.
ISC2 is NOT a professional association like PMI, ISACA, etc. With those you can join without getting a certification, and you can get a certification with them without joining.
ISC2 is a certifying body. You join by becoming certified and your maintenance fee is basically your membership dues. So you can't join until you get certified and your membership is automatic, not optional. There are some other groups that are the same way.
Thanks for the discussion, everyone. Just to add a bit more:
(ISC)² is actually an association. We are a nonprofit membership association of certified cybersecurity professionals. By earning a certification, you become a member of (ISC)². Annual Maintenance Fees (AMFs) go to support the ongoing maintenance of the certifications and related systems. Per our bylaws, (ISC)² “exists to support and provide members and constituents with credentials, training, education, resources, and leadership to manage and secure information and deliver value to society.”
As to the question about evaluating experience requirements for each candidate prior to taking an exam, our endorsement process is very thorough, applying the same depth of review for all candidates, which we do not have the resources to apply to everyone before they register for an exam. The endorsement step once an exam is passed is part of our ANSI-accredited certification process, which is not easily changed and ensures transparency and consistency on a global basis for our evaluation and issuing of all credentials. All work experience requirements are publicly available, and it is the responsibility of the candidate to understand and know if they have the necessary experience to become certified or if it’s more appropriate for them to pursue associate status prior to earning certification.
Thanks for the confirming that ISC2 is NOT a professional association and NOT a certifying body. !!!
Whatever observations that I had made were only in the best interest of the ISC2 and hope it has not been taken as a negative criticism.
By the way at last I could pay my remaining AMF ($75) with the help of my friend's card and have been confirmed with the CISSP badge.
Thanks & Regards
Sathya
@SamanthaO_isc2 wrote:...
(ISC)² is actually an association. We are a nonprofit membership association of certified cybersecurity professionals. By earning a certification, you become a member of (ISC)². ...
A bit of history helps explain this confusion. When first formed beginning an 1989 and coming to fruition in the early 1990's, (ISC)2 was a consortium of six membership organizations, NOT a membership association itself. Those groups saw the need for a solid information security certification, independent of any commercial enterprise. They banded together to create this Consortium, who's sole purpose was to develop and manage the certification, the CISSP.
Some time after 2000, the (ISC)2 Board converted the organization into a membership association, and made completion of the CISSP or the SSCP (the only two certs at that time) the criterion for membership. I think (but do not know) that one reason for this change was that the original founding organizations, including ISSA and IFIP, and U. of Idaho, were no longer as active in managing the Consortium.
Thus, old timers like me may still recall (ISC)2 as only a certification organization and not a membership organization. AS Samantha said, today it is a membership association.
@CraginS wrote:
@SamanthaO_isc2 wrote:...
(ISC)² is actually an association. We are a nonprofit membership association of certified cybersecurity professionals. By earning a certification, you become a member of (ISC)². ...
A bit of history helps explain this confusion. When first formed beginning an 1989 and coming to fruition in the early 1990's, (ISC)2 was a consortium of six membership organizations, NOT a membership association itself. Those groups saw the need for a solid information security certification, independent of any commercial enterprise. They banded together to create this Consortium, who's sole purpose was to develop and manage the certification, the CISSP.
True.
But another reason this happened, from what I was told, was there was concerns by others that one or more of these membership organizations would start creating their own security certifications (similar to what ISACA has done), and so you'd have 2 or 3 or more competing security certs from various orgs, rather then 1 strong security cert not tied to any particular member org.
Hence the drive to form ISC2.