Educause Security Discussion mailing list archives
Re: CISSP Endorsement request
From: David Pirolo <webmaster () WARNERPACIFIC EDU>
Date: Tue, 17 Jul 2012 09:34:07 -0700
I'm with you on this one Keith. It's disappointing to see that his peer group in the educational field can be so brash towards a new candidate. Whereas I don't at all agree in the methodology that was chosen to request endorsement, I'd at least expect a level of civility to guide him to the proper channels. Tarun, congratulations on your first step. As Roger states, you're going to need to build credibility in the community. I'd suggest finding a local security group where you can get to know some of them personally and professionally. David Pirolo Warner Pacific College On Tue, 2012-07-17 at 16:16 +0000, Schoenefeld, Keith P. wrote:
Tarun, Given this response, I would avoid contacting anyone at Northwestern for an endorsement. Roger, Seriously, relax your natural curmudgeonly attitude a bit and put yourself in a new CISSP's shoes. This is often a person who is relatively new in a dedicated security role and/or is entering or trying to set himself/herself up for advancement. Before you get upset about the 'new in a dedicated security role', let's be honest: A good and experienced systems administrator that's trying to break in to security meets the experience requirements for a CISSP, or did last time I evaluated the CBKs. Either way, such an individual is using the CISSP to affirm his knowledge or communicate to others that he has a base of knowledge that is consistent with security professionals. Here was my rollercoaster ride after the CISSP test. - I left the test feeling fried. I'd taken all of the practice tests I could find. I was scoring > 90% on all of the CBKs and completing full length sample tests in less than an hour. The test itself took me almost 2 hours, as I recall, and I was totally drained at the end. I had zero confidence that I passed. - I waited for some number of weeks (don't recall how many) wondering whether I'd passed or not, stressing about whether I'd wasted my employer's money and whether I'd have to pay for a retest -- because I was going to pass the test. - I finally received an email message informing me of the results. The first sentence in the body of that message was "Congratulations! We are pleased to inform you that you have passed the Certified Information Systems Security Professional (CISSP®) examination - the first step in becoming certified as a CISSP." I went from "YES!" to "Well crap!" in one sentence... what a downer. - I reviewed the information in the remainder of the email, including the referenced link [1] that states: "A candidate receiving a pass letter informing the candidate that he or she has passed the certification examination will also receive a blank endorsement form. The form must be completed and signed by an (ISC)² certified professional. The (ISC)² certified professional is anyone who: 1) Is able to attest to the candidate's professional experience 2) Is an active (ISC)2 credential holder in good standing." Given the endorsement process of contacting each supervisor, etc. it's easy for an endorser to perform step 1 without any personal relationship. The remainder of the endorsement form asks personal questions that inform professional character, but they are not covered by requirements 1) and 2) as indicated on the website. The fact is that the instructions from ISC2 are vague, and I won't hold it against anyone if they stumble through that process as I did. I certainly wouldn't call them out via an email to a list of their colleagues and peers -- I reserve that for seasoned professionals that claim to have made a carefully measured decision to be a jerk. -- KS [1] - https://www.isc2.org/endorsement.aspx Keith Schoenefeld Information Security Analyst Baylor University 254-710-6667
Current thread:
- Re: CISSP Endorsement request, (continued)
- Re: CISSP Endorsement request Roger A Safian (Jul 17)
- Re: CISSP Endorsement request Leon DuPree (Jul 17)
- Re: CISSP Endorsement request Doug Kahn (Jul 17)
- Re: CISSP Endorsement request Valdis Kletnieks (Jul 17)
- Re: CISSP Endorsement request Leon DuPree (Jul 17)
- Re: CISSP Endorsement request Schoenefeld, Keith P. (Jul 17)
- Re: CISSP Endorsement request Wayne S. Martin (Jul 17)
- Re: CISSP Endorsement request David Gillett (Jul 17)
- Re: CISSP Endorsement request Mark Rogowski (Jul 17)
- Re: CISSP Endorsement request Tarun Trivedi (Jul 18)
- Re: CISSP Endorsement request Webb, Justin (Jul 18)
- Re: CISSP Endorsement request Roger A Safian (Jul 17)
- Re: CISSP Endorsement request David Pirolo (Jul 17)
- Re: CISSP Endorsement request Gregory N Pendergast (Jul 17)