How to Obtain CPE Credits for Maintaining Application Security Certifications


Do you ever wonder what Continuing Professional Education (CPE) credits are used for, how these credits are earned and calculated, and why they should matter to you?

CPE credits are used to measure how far along a person is in their studies. It allows organizations to ascertain that you have met the proper knowledge requirements to obtain a certification. For example, before getting a Chartered Professional Accountant (CPA) certification in the US, an accountant must acquire a certain number of CPE credits as dictated by the American Institute of CPAs.

In the application security world, CPE credits are used primarily to maintain a certification to make sure you have a high level of current knowledge and proficiency in your related domain.

The number of credits required varies depending on the type of certification. An example would be (ISC)2’s CSSLP certification, which requires at least 90 CPE credits for its three-year certification cycle. Now if you look at ISACA’s CISM certification, it requires a minimum of 120 CPE credits for a three-year certification period.

So if you’re in the position of needing to maintain certifications, how do you earn CPE credits?

These credits can be earned in a variety of ways as long as the activity is related to your domain or contributes to your professional skills and competencies. You can attend seminars and training sessions, publish articles, prepare for presentations or lectures, take computer-based training (CBTs), and even reading books or volunteer in certain cases.

The list of activities and the amount of credit you can earn per activity can be found in each certification’s CPE guideline and policy. As one example, for the aforementioned CSSLP certification, you can take Security Compass’s CSSLP online training course to earn 10 CPE credits after completion. Additionally, if you acquire any SSP certification from (ISC)2 & Security Compass, you’ll earn 30 CPE credits to count towards your CSSLP certification as per (ISC)2’s CPE guidelines.

So once you’ve accumulated CPE credits, what do you do with them?

Usually you can report your CPE credits online through your membership account with (ISC)2 or a certification body. While it might seem tempting, don’t pad your numbers — just like with filing taxes, you can be audited and you should be prepared to offer proof if this happens. Make sure you get a certificate of completion for taking online courses, don’t throw away conference tickets, etc. When in doubt, remember the specific requirements can be found in the CPE guidelines for each certification.




Previous Article
Video: How To Avoid the Google Docs Phishing Attack
Video: How To Avoid the Google Docs Phishing Attack

Last week, a major phishing attack swept the internet by using Google Docs to infiltrate users’ passwords a...

Next Article
A Guide to Implementing the Top Ten Security Principles for Business
A Guide to Implementing the Top Ten Security Principles for Business

By Aaron Hnatiw, Senior Security Researcher at Security Compass It’s more important now than ever to run a ...