cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
jangle83
Newcomer I

ISC2 Certification Renewal Policy Negative Impact Paying Members

I am just about to reach the renewal date of my CISSP. I've paid all my dues and done well above my minimum for CPEs. My network accounts at work require that I have a CISSP, and those accounts will deactive on the day my certification expires. Not only is it going to make me look bad, but its going to make ISC2 look bad too because they can't provide reasonable service to their members. ISC2 is very diligent to get their money from us, but can't bother to renew our certifications before they expire. Please tell me that someone at ISC2 is fixing this. What a shame.

27 Replies
amandavanceISC2
Moderator

@jangle83 I completely understand and will pass this along to management. 

 

Best Regards,

Amanda Vance

Flyslinger2
Community Champion

@amandavanceISC2  If I could add just a little more justification to this. In many federal agencies an account not only has a "drop dead" timer on it, thinking Microsoft AD as an example, but the agency itself has systems in place for approval of those accounts. That account would go through security review, change control board, and need outside agency reviews as well. That account most likely will also be subject to internal corporate review for the contractor as well and their security, internal CCB, etc., and again external review by Federal agencies.  If that account gets dropped because the ISC2 cert isn't renewed prior to the timer going off then this ugly cycle is started all over and that person could be sidelined with no pay until they get processed again.

 

This is very real.

denbesten
Community Champion

Perhaps the solution would be to rename the field "Renewal Deadline" on the certificate and to add a second "Expiration Date" that is 90 days later.

amandavanceISC2
Moderator

@Flyslinger2 I appreciate you providing more details on the process. As like most other organizations, renewal of a term, program and/or certification cycle is not permitted until the end of a cycle or after the expiration date. With that said, can review this process.  However, we must ensure that the integrity of the certification and the renewal process is not demolished.

 

Currently, the DoD database will not accept future certification cycle. We have worked with them on this in the past.

 

Best Regards,

Amanda Vance

Flyslinger2
Community Champion

@amandavanceISC2 I have a sneaking suspicion that the "DoD database" you reference has no interface/interaction with the LDAP database that our accounts are actually stored in. Thus, where the rubber meets the road, that Active Directory account could still time out and that engineer has no access. So those mechanisms I mentioned before are still in play because the "DoD database" is not a factor.  

CraginS
Defender I


@Flyslinger2 wrote:

@amandavanceISC2 I have a sneaking suspicion that the "DoD database" you reference has no interface/interaction with the LDAP database that our accounts are actually stored in. Thus, where the rubber meets the road, that Active Directory account could still time out and that engineer has no access. So those mechanisms I mentioned before are still in play because the "DoD database" is not a factor.  


(emphasis added to quoted message)

 

Mark,

I am afraid your suspicion is not well founded. In fact, the Defense Manpower Data Center (DMDC) maintains a database specifically for DoD civilian employees, military members, and contractors to record all of the certifications that meet the requirements of DoD Instruction 6140 & DoD Manual 8570. Through agreement between DMDC and (ISC)2 there is a direct interface between that DoD database and the (ISC)2 certification record database. As a certified DoD cybersecurity contractor I had to load my CISSP data into that DMDC database and acknowledge my permission for DMDC to connect to (ISC)2 to obtain my personal information (Privacy Act protected PII) to verify my certification.

 

Amanda's  @amandavanceISC2  statement about the data fields exchanged is probably right on the money.

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
Flyslinger2
Community Champion

I'm talking about the actual network database, like AD or Apache's LDAP dBase.  This is where the production accounts are stored and their expiry dates are entered. If those expire before manual intervention is acted out then those accounts have to start all over again.  Manual intervention is triggered based on confirmation that the cert is renewed.

 

I understand the DoD database and I should be in there as well if my company has done their job. 

shortbusruss
Viewer II

Absolutely, 100% incorrect. If you don't "know" the answer, then please don't make it up or parrot corporate nonsense back to we, the "customers" of ISC2.... Every single non-ISC2 certification I have every taken in my life can be renewed prior to expiration date, which leaves zero downtime for my job. Your company is literally the only one that causes me these issues.
Joe_Duffy
Newcomer II

https://community.isc2.org/t5/Member-Support/Credential-Renewal/m-p/36999/highlight/false#M7631

 

 

I'm disappointed that this is still broken.  This is unacceptable as security professionals.   We usually fix things and not let them lay and fester.

 

Yes, I'm in this sticky wicket right now and am not looking for ward to being "disabled" or "deleted" by my customer.   

 

@AndreaMooreHow do we get this on a path so members don't have this issue in the future?

 

Respectfully,

 

 Joe

 

 

 

 

mencik
Contributor III

Given that the payment of fees can be done starting about 45 days prior to expiration, as soon as fees are received, and it is noted that the CPE's have been satisfied, the expiration date can be extended by 3 years. How much easier can it be?

That would give everyone that is concerned about a certification lapse 45 days grace. Just make sure you have your CPEs in well in advance, and pay your fees as soon as the option opens. If ISC2 can't then go in within those 45 days and update an expiration date by simply adding 3 years, then I have to question what we are paying all these fees for. 

This is a "no brainer" and should have been fixed long ago.