CONTINUING PROFESSIONAL EDUCATION
At (ISC)2®, we’re committed to helping security professionals further their education in all
areas of their profession. Once you have successfully earned an (ISC)2 credential, continuing
education is required to ensure your certification is in good standing.
In order to maintain an (ISC)2 credential, it is required that all members accrue Continuing
Professional Education (CPE) credits on an annual basis.The amount of CPEs necessary is predicated
by the type of credential held.
CPE credits are categorized as either Group A credits or Group B credits, depending on how the
associated activities relate to the domain for each certification. Group A credits are for direct domainrelated activities. Group B credits are for activities that are outside of the domain, yet enhance a member’s
general professional skills and competencies.
3 Year Certification
Group A
Annual Minimum
(Minimum
Per 3
Credential
(Required)
year Certification
Group A only
Group B
Total Required
Optional
Period)
(Maximum see
below)
(Per 3 Year
Certification
Period)
SSCP
10
40
20
60
CAP
10
40
20
60
CSSLP
15
60
30
90
CISSP
20
80
40
120
ISSAP
ISSEP
ISSMP
During your subsequent full 3-year certification periods for these concentrations,
20 of the 120 CPEs already required for the underlying CISSP certificate must
be in the specific area of concentration. For example, if a CISSP took the ISSEP
concentration examination and passed, he/she would be required to submit at
least 20 of the total 120 hours required to submit for the CISSP certificate to
be in the specific area of engineering.
CPE Designation Requirements
Associate of (ISC)2 Designation
Group A
Total
(Per year)
Associate of (ISC)2 toward SSCP
10
10
Associate of (ISC)2 toward CAP
10
10
Associate of (ISC)2 toward CSSLP
15
15
Associate of (ISC)2 toward CISSP
20
20
5
CONTINUING PROFESSIONAL EDUCATION
Record Keeping and Auditing of CPE Hours
(ISC)2’s CPE Auditor performs random audits of CPE credits claimed. If you are chosen for an audit, you will receive instructions
via email regarding the necessary documentation to support your activities. You must respond to this request and provide this
information exactly as instructed within 90 days. Your CPE credits will be posted within 30 days of documentation approval.
You are not required to provide proof of CPE credit activities to (ISC)2 upon submission. However, you should retain proof of credits
earned for at least 12 months after your previous certification cycle expires.
Proof of CPE credits earned may be in the form of course transcripts, awarded diplomas, certificates or receipts of attendance,
research/prep notes for speaking or teaching, copies of official meeting minutes, or rosters or documentation of registration materials.
For online courses that do not provide any of the above, a screenshot is sufficient.
For book and/or magazine CPE credits, you should retain “proof of possession” such as the book or magazine itself, a sales receipt,
invoice, or library record. At a minimum, your proof should include the title and, if a book, the author and ISBN number; or, if a
magazine, the publisher. Acceptance of a book review by (ISC)2 will also constitute sufficient proof, even in the absence of other proof.
For more information on CPEs and detailed guidelines, visit www.isc2.org/cpes.
(ISC)2 is the largest not-for-profit membership body of certified information security professionals worldwide, with more
than 80,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)2 issues the Certified
Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software
Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner
(SSCP®) credentials to qualifying candidates. (ISC)2’s certifications were among the first information security credentials to
meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel.
(ISC)2 also offers education programs and services based on its CBK®, a compendium of information security topics.
More information is available at www.isc2.org.
6
• Attending Educational/Training Courses and Seminars
• Attending Industry Conferences
- (ISC)2® Security Leadership Series Events are offered at no charge or discounted for members.
Go to www.isc2.org/events to find an event near you.
• Attending Professional Association Chapter Meeting
• Attending Educational Vendor Presentations
• Completing a Higher Academic Course
• Providing Security Training
• Publishing a Security Article or Book
• Volunteering for Board Service for a Professional Security Organization
• Self-Studying via Computer-Based Training, Webcasts, Podcasts
- (ISC)2 provides the following CPE opportunities free to members:
• ThinkTank Security Leadership Roundtable Webinars (www.isc2.org/thinktank)
• e-Symposium Seminar Series (www.isc2.org/e-symposium)
• SecurityTALK (www.isc2.org/securitytalk)
• Reading an Information Security Book / Magazine, such as
- The (ISC)2 Journal
- InfoSecurity Professional Magazine
• Reviewing Application or Information Security Book
• Volunteering for Government, Public Sector, and other Charitable Organizations
• Write Test Questions for an (ISC)2 Examination - Item Writing
• Starting an (ISC)2 Chapter
© 2012 International Information Systems Security Certification Consortium, Inc. All Rights Reserved.
CPE credits are weighted by activity. Shown below are common categories of activities and the amount of credits you can earn for
each.Typically, you will earn one CPE credit for each hour spent engaged in an educational activity. However, some activities are worth
more credits due to the depth of study or amount of ongoing commitment involved.
ISC.0
(06/12)