[Owasp-leaders] CPE credits for OWASP training and meetings

Tobias tobias.gondrom at owasp.org
Wed Aug 6 17:13:46 UTC 2014


Hi Andrew,

there is no need for a certificate.
For ISC2 people just file the CPE activity and hours in their system and
that's it. Randomly they may ask for documentation, in which case, I
suggest for trainings and meetings you sent them a link to the chapter
meeting or the registration confirmation PDF from AppSec or the training.

No need for us to do any additional certificate bureaucracy.

Cheers, Tobias


On 06/08/14 09:55, Andrew Muller wrote:
> Thanks Fabio,
>   This is completely foreign to me so I need to know as much detail as
> possible :)
>
> Can you please share the certificate format with us? Perhaps we can
> standardise across all chapter meetings and events.
>
> Andrew
>
> On Wednesday, 6 August 2014, Fabio Cerullo <fcerullo at owasp.org
> <mailto:fcerullo at owasp.org>> wrote:
>
>     Guys
>
>     Each hour of training delivery, etc qualifies for a CPE credit. So
>     in case you organized a 1 hour webcast or in-person delivery, each
>     participant obtains 1 CPE.
>
>     The way we organised this for chapter meetings is by providing
>     each attendee a certificate of attendance and then they are
>     responsible for submitting them to ISC2.
>
>     Regards
>     Fabio
>
>     On Wednesday, August 6, 2014, Robert Shullich
>     <robert.shullich at owasp.org
>     <javascript:_e(%7B%7D,'cvml','robert.shullich at owasp.org');>> wrote:
>
>
>
>         Sent from my iPhone
>         Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>         Enterprise Security Architect
>         Tower Group Companies
>         Pro Box 026156
>         Brooklyn NY 11202
>         (201) 291-7432 (Direct)
>         (201) 221-8767 (Fax)
>         (908) 419-5417 (Mobile)
>
>
>         > On Aug 6, 2014, at 12:12 AM, Robert Shullich
>         <rshullic at mindspring.com> wrote:
>         >
>         > Last year ISC2 ran a booth at AppSecUSA 2013 and gave
>         automatic conference credits if you went by the booth and got
>         scanned.
>         >
>         > That being be different, there is three ways to go:
>         >
>         > Do nothing
>         > Get a relationship with ISC2 where we report the CPE for the
>         person
>         > Provide a certificate of attendance and let the person then
>         self report
>         >
>         > I'd go with the last one ax a personal preference although
>         2&3 together would be even better. The certificate of
>         attendance is audit proof and can be used for multiple assoc.
>         I have certs with ACCEI, ICCP, IAPP, ISC2, EC Council, ASIS
>         and ISACA and maybe some more I can't recall. A certificate
>         and self report works for me.
>         >
>         > Now in the case of 1 - do nothing - the person can still
>         self report but getting audited could be a challenge.
>         >
>         > Sent from my iPhone
>         > Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>         > Enterprise Security Architect
>         > Tower Group Companies
>         > Pro Box 026156
>         > Brooklyn NY 11202
>         > (201) 291-7432 (Direct)
>         > (201) 221-8767 (Fax)
>         > (908) 419-5417 (Mobile)
>         >
>         >
>         >>> On Aug 5, 2014, at 11:29 PM, "Kevin W. Wall"
>         <kevin.w.wall at gmail.com> wrote:
>         >>>
>         >>> On Tue, Aug 5, 2014 at 10:00 PM, Andrew Muller
>         <andrew.muller at owasp.org> wrote:
>         >>> Hi folks,
>         >>> I'm currently running some free ZAP training with Simon
>         telepresenting the
>         >>> content. Someone asked about CPE credits and I answered
>         with an emphatic I
>         >>> don't know.
>         >>>
>         >>> I've read
>         https://www.owasp.org/images/c/c1/Cpe_guidelines.pdf but I'm
>         >>> wondering if folks have sought to have their training and
>         meetings
>         >>> recognised by ISC^2. I spoke to a director of ISC^2 and he
>         seemed
>         >>> supportive.
>         >>>
>         >>> Offering CPE credits would be yet another draw card for
>         those running ailing
>         >>> chapters. However I'm keen to understand the recognition
>         process and gotchas
>         >>> from someone who has done it already.
>         >>>
>         >>> Thoughts?
>         >> Andrew,
>         >>
>         >> Can you elaborate? I've used OWASP activities for CPEs
>         >> for ISC^2 for years, including my development contributions
>         >> to ESAPI. Are you talking about some formal program that
>         >> we designate being worth so many CPE credits ahead of time
>         >> and then have a formal sign-off for ISC^2, SANS, etc.?
>         >> As far as how many CPE credits you get for a specific
>         >> activity, I think that varies by which organization you are
>         >> submitting them to.
>         >>
>         >> -kevin
>         >> --
>         >> Blog: http://off-the-wall-security.blogspot.com/
>         >> NSA: All your crypto bit are belong to us.
>         >> _______________________________________________
>         >> OWASP-Leaders mailing list
>         >> OWASP-Leaders at lists.owasp.org
>         >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140806/5f748ccc/attachment.html>


More information about the OWASP-Leaders mailing list