cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Moderator

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

@jangle83 I completely understand and will pass this along to management. 

 

Best Regards,

Amanda Vance

Community Champion

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

@amandavanceISC2  If I could add just a little more justification to this. In many federal agencies an account not only has a "drop dead" timer on it, thinking Microsoft AD as an example, but the agency itself has systems in place for approval of those accounts. That account would go through security review, change control board, and need outside agency reviews as well. That account most likely will also be subject to internal corporate review for the contractor as well and their security, internal CCB, etc., and again external review by Federal agencies.  If that account gets dropped because the ISC2 cert isn't renewed prior to the timer going off then this ugly cycle is started all over and that person could be sidelined with no pay until they get processed again.

 

This is very real.

Community Champion

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

Perhaps the solution would be to rename the field "Renewal Deadline" on the certificate and to add a second "Expiration Date" that is 90 days later.

Moderator

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

@Flyslinger2 I appreciate you providing more details on the process. As like most other organizations, renewal of a term, program and/or certification cycle is not permitted until the end of a cycle or after the expiration date. With that said, can review this process.  However, we must ensure that the integrity of the certification and the renewal process is not demolished.

 

Currently, the DoD database will not accept future certification cycle. We have worked with them on this in the past.

 

Best Regards,

Amanda Vance

Community Champion

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

@amandavanceISC2 I have a sneaking suspicion that the "DoD database" you reference has no interface/interaction with the LDAP database that our accounts are actually stored in. Thus, where the rubber meets the road, that Active Directory account could still time out and that engineer has no access. So those mechanisms I mentioned before are still in play because the "DoD database" is not a factor.  

Advocate II

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members


@Flyslinger2 wrote:

@amandavanceISC2 I have a sneaking suspicion that the "DoD database" you reference has no interface/interaction with the LDAP database that our accounts are actually stored in. Thus, where the rubber meets the road, that Active Directory account could still time out and that engineer has no access. So those mechanisms I mentioned before are still in play because the "DoD database" is not a factor.  


(emphasis added to quoted message)

 

Mark,

I am afraid your suspicion is not well founded. In fact, the Defense Manpower Data Center (DMDC) maintains a database specifically for DoD civilian employees, military members, and contractors to record all of the certifications that meet the requirements of DoD Instruction 6140 & DoD Manual 8570. Through agreement between DMDC and (ISC)2 there is a direct interface between that DoD database and the (ISC)2 certification record database. As a certified DoD cybersecurity contractor I had to load my CISSP data into that DMDC database and acknowledge my permission for DMDC to connect to (ISC)2 to obtain my personal information (Privacy Act protected PII) to verify my certification.

 

Amanda's  @amandavanceISC2  statement about the data fields exchanged is probably right on the money.

 

 

Dr. D. Cragin Shelton, CISSP
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
Community Champion

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

I'm talking about the actual network database, like AD or Apache's LDAP dBase.  This is where the production accounts are stored and their expiry dates are entered. If those expire before manual intervention is acted out then those accounts have to start all over again.  Manual intervention is triggered based on confirmation that the cert is renewed.

 

I understand the DoD database and I should be in there as well if my company has done their job. 

Viewer II

Re: ISC2 Certification Renewal Policy Negative Impact Paying Members

Absolutely, 100% incorrect. If you don't "know" the answer, then please don't make it up or parrot corporate nonsense back to we, the "customers" of ISC2.... Every single non-ISC2 certification I have every taken in my life can be renewed prior to expiration date, which leaves zero downtime for my job. Your company is literally the only one that causes me these issues.