@rcorley wrote:
My company is hosting a security summit/conference and I'd like to know how we can approve CPE credits to attendees
Your organization would not approve CPEs - that's (ISC)2's responsibility.
So the question becomes what can the "Kentucty Cybersecurity Summit" organizers provide attendees and speakers with that substantiates a record of participation or attendance that would satisfy (ISC)2 or another body? It could be an Event Brite registration receipt with a members ID number on it (that's nice to have), it should include the dates of the conference and number of hours attended or it could be a registration receipt received at the conference. The organizers should themselves keep good records.
Then a member can submit the record to (ISC)2 for approval and possible audit 🙂 Also, bear in mind the (ISC)2 CPE guidelines for what constitutes a CPE in relation to their work - it short it must be "unique" and different from everyday responsibilities - would attending an internal conference classify, maybe. Here's a link to the CPE Guidebook.
