@SamanthaO_isc2  I am wandering if someone from ISC2 could check into the handbook, the table on page 6 is somewhat confusing. You have a cell that crosses 'suggested annual' and 'total required'. The word 'required' should be placed at the column heading.

What do you think?

---

@Chuxing wrote:

You are probably confused by the table with row entry "Total Required"  under "TYPE" column, which I think is a leftover from previous version.

---

Yes, I believe for a brief period, the (ISC)2 adopted an annual minimum. They changed back about a year ago. You can follow this thread, which includes an official response indicating that there is no required annual CPE:
https://community.isc2.org/t5/Member-Support/Updated-CPE-Annual-requirements/td-p/9216

For a LONG time there WAS an annual minimum.

When I got my CISSP 4-5 years ago, I was expected to get a minimum of 20 CPEs each year, recommended that I get 40 as the 3 year total needed is 120.

(ISACA continues to have an annual minimum, which is 20 with a 3-year total also of 120).

Then a couple of years ago, they changed it to a minimum of 40 CPEs for CISSP.  Basically a third of the required each year, which makes since.  [same ratio for the others].

THEN a year ago, they dropped this, where there is no annual minimum, tho its recommended that you get 20 or so each year.

I don't know.  I like the idea of an annual minimum as it made sure that folks were keeping up on their CPEs, otherwise you have the folks who put it off and panic at the last minute.

emb021 is correct, it used to be 40 CPEs each year and 120 for the certification cycle.

It makes sense if you think about the purpose of the CPEs to spread them throughout the certification cycle so you keep up to date. 

Pragmatically, I'd suggest front loading it so you do the majority at the start of the certification cycle, so that if something unexpected happens; like a long illness, you still have time to do enough, within the 3 year cycle.

---

@Steve-Wilme wrote:

emb021 is correct, it used to be 40 CPEs each year and 120 for the certification cycle.

It makes sense if you think about the purpose of the CPEs to spread them throughout the certification cycle so you keep up to date. 

 

Pragmatically, I'd suggest front loading it so you do the majority at the start of the certification cycle, so that if something unexpected happens; like a long illness, you still have time to do enough, within the 3 year cycle.

 

 

---

As I have several certifications from several groups, many in the local infosec community where I'm at kind of see me as the "go to" guy in regards to certs: (how they work, what should they go for etc.).  I developed a few years ago a presentation I on infosec certs (given at a few local cons here) that goes into how they work (how you get them, keep them, including CPEs, etc), main ones out there (ISC2, ISACA, GIAC, CompTIA, EC-Council) and the various others (OSCP, IAPP, DRI, PMI, etc).

A frequent area I help people with are CPEs.  How they work, what they can do to get them, etc.  One thing I emphasis is there are a wide range of things you can do to get them, either 'free' or low cost, and there is little excuse NOT to be able to get them and little excuse NOT to rack up enough, up front, that it causes a problem.  If you wait till the end of your cycle, you will be scrambling and this is not good.

@amandavanceISC2

Hi Amanda - please can you provide an official statement to say whether or not annual CPE requirements are still in place?