I am a happy camper today. I ran across the new CPE policies while using the new CPE web site for the first time. The notable change is that the requirement to earn 1/3 of the CPEs annually has been replaced with a "suggested annual minimum" (see page 5). This extra flexibility goes a long ways towards making it easier to maintain my CPE requirement.
I had long worried that failing an audit in month 13 for a "big" CPE (such as a week long conference) earned in months 1-12 would drop me below the required minimum, with the only "guaranteed" recovery being to spend $735 to retake the exam and be reinstated. Being an adult, I do realize that (ISC)² likely would grant a small extension if one were to get stuck in this particular scenario, but I am much happier to know that the concern is moot.
Do note that I have never worried about this concern in month 37 because one can work ahead bit, earning a few extra CPEs that will both mitigate the risk and will carry over to the next certification cycle.
Moving back to the "suggested annual minimum" seems a bit strange to me, since they just went away from that 3 years ago -- in 2015. Not that I mind (the end of March for me is very hectic, as my current and last companies both had the end of March as the end of their Fiscal year), but it just seems weird. Can we get clarification that that is, in fact, the case?
Moving back to the "suggested annual minimum" seems a bit strange to me, since they just went away from that 3 years ago [...] Can we get clarification that that is, in fact, the case?
I'm sure (ISC)² will weigh in after they get in the office, but if you want a formal answer, I recommend calling or emailing email@example.com.
I also would like to highlight a few things I checked before posting:
I just want to confirm that we are moving back to a "suggested annual minimum".
Thanks everyone for providing us any feedback you may have as you go through the process of submitting your CPEs in the new portal.
We appreciate your support!
Hmmm... let me add something here in the discussion, then.
Part of what I actually -like- about having an annual requirement is that I -have- to learn every year. I have to keep my knowledge updated (not that I wouldn't if I didn't have to do so, but still)... By going to a 'suggested annual minimum', then you're basically allowing people to go for 3 years without -having- to update their knowledge. They could, conceivably, go through and do all their CPEs at one time.
But that's just my $0.02! Like most people, I keep my knowledge updated and am continuously learning. I feel slighted if I -don't- learn something new every day (and, also like a lot of people, my retention of a lot of these new facts is minimal!)... Security knowledge is so dynamic that you lose out on a lot by only requiring education every 3 years.
The CPE guidelines document states "As a certified (ISC)2 member, you are required to earn and submit CPE credits each year of your three-year certification cycle."
This leads me to believe that at least 1 CPE credit would need to be earned in 2 years of the 3-year cycle, and the rest of the CPEs could all be in a single year of the 3-year cycle.
Is this the case or is there really no more annual minimum required for CPEs? If there is no more annual minimum and all CPEs can be earned in 1 year of the 3-year cycle, perhaps the wording should be updated in that statement above from the CPE guidelines document.
Sorry if I am over analyzing this, just want to know for sure if CPEs are required in each year of the 3-year cycle or if they can all be done in a single year.
Thanks for your help!