[Owasp-leaders] CPE credits for OWASP training and meetings

Fabio Cerullo fcerullo at owasp.org
Wed Aug 6 22:14:38 UTC 2014


guys

please find below the template I used for chapter meetings.

https://www.owasp.org/index.php/File:Certificate_of_participation.ppt

regards
Fabio


On Wed, Aug 6, 2014 at 8:02 PM, Robert Shullich <robert.shullich at owasp.org>
wrote:

> I disagree. And you are only thinking ISC2 here, but they are not the only
> player in Town.
>
> I can tell you the some of the other associations, especially EC council
> (how many CEH out there) won't award the CPE unless the documents are in
> Oder and presented with the CPE request.
>
> This response of "no need" is a dis service to the OWASP community and
> membership.
>
> As far as the work, the easiest and least work I have seen, used at ISSA
> Exec Forum and at the NYC ASIS conference is printing a bunch of blank
> certificates, with the date/time of the meeting, CPE awarded, titles of
> presentations, etc, with the name blank, the form is given out at the
> meeting towards the end, you can leave it at the sign in table, the
> attendee if they want one then takes it, writes in their own name, and they
> have a COA.
>
>
>
> Sent from my iPhone
> Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
> Enterprise Security Architect
> Tower Group Companies
> Pro Box 026156
> Brooklyn NY 11202
> (201) 291-7432 (Direct)
> (201) 221-8767 (Fax)
> (908) 419-5417 (Mobile)
>
>
> On Aug 6, 2014, at 1:13 PM, Tobias <tobias.gondrom at owasp.org> wrote:
>
> Hi Andrew,
>
> there is no need for a certificate.
> For ISC2 people just file the CPE activity and hours in their system and
> that's it. Randomly they may ask for documentation, in which case, I
> suggest for trainings and meetings you sent them a link to the chapter
> meeting or the registration confirmation PDF from AppSec or the training.
>
> No need for us to do any additional certificate bureaucracy.
>
> Cheers, Tobias
>
>
> On 06/08/14 09:55, Andrew Muller wrote:
>
> Thanks Fabio,
>   This is completely foreign to me so I need to know as much detail as
> possible :)
>
>  Can you please share the certificate format with us? Perhaps we can
> standardise across all chapter meetings and events.
>
>  Andrew
>
> On Wednesday, 6 August 2014, Fabio Cerullo <fcerullo at owasp.org> wrote:
>
>> Guys
>>
>>  Each hour of training delivery, etc qualifies for a CPE credit. So in
>> case you organized a 1 hour webcast or in-person delivery, each participant
>> obtains 1 CPE.
>>
>>  The way we organised this for chapter meetings is by providing each
>> attendee a certificate of attendance and then they are responsible for
>> submitting them to ISC2.
>>
>>  Regards
>> Fabio
>>
>> On Wednesday, August 6, 2014, Robert Shullich <robert.shullich at owasp.org>
>> wrote:
>>
>>>
>>>
>>> Sent from my iPhone
>>> Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>>> Enterprise Security Architect
>>> Tower Group Companies
>>> Pro Box 026156
>>> Brooklyn NY 11202
>>> (201) 291-7432 (Direct)
>>> (201) 221-8767 (Fax)
>>> (908) 419-5417 (Mobile)
>>>
>>>
>>> > On Aug 6, 2014, at 12:12 AM, Robert Shullich <rshullic at mindspring.com>
>>> wrote:
>>> >
>>> > Last year ISC2 ran a booth at AppSecUSA 2013 and gave automatic
>>> conference credits if you went by the booth and got scanned.
>>> >
>>> > That being be different, there is three ways to go:
>>> >
>>> > Do nothing
>>> > Get a relationship with ISC2 where we report the CPE for the person
>>> > Provide a certificate of attendance and let the person then self report
>>> >
>>> > I'd go with the last one ax a personal preference although 2&3
>>> together would be even better. The certificate of attendance is audit proof
>>> and can be used for multiple assoc. I have certs with ACCEI, ICCP, IAPP,
>>> ISC2, EC Council, ASIS and ISACA and maybe some more I can't recall. A
>>> certificate and self report works for me.
>>> >
>>> > Now in the case of 1 - do nothing - the person can still self report
>>> but getting audited could be a challenge.
>>> >
>>> > Sent from my iPhone
>>> > Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>>> > Enterprise Security Architect
>>> > Tower Group Companies
>>> > Pro Box 026156
>>> > Brooklyn NY 11202
>>> > (201) 291-7432 (Direct)
>>> > (201) 221-8767 (Fax)
>>> > (908) 419-5417 (Mobile)
>>> >
>>> >
>>> >>> On Aug 5, 2014, at 11:29 PM, "Kevin W. Wall" <kevin.w.wall at gmail.com>
>>> wrote:
>>> >>>
>>> >>> On Tue, Aug 5, 2014 at 10:00 PM, Andrew Muller <
>>> andrew.muller at owasp.org> wrote:
>>> >>> Hi folks,
>>> >>> I'm currently running some free ZAP training with Simon
>>> telepresenting the
>>> >>> content. Someone asked about CPE credits and I answered with an
>>> emphatic I
>>> >>> don't know.
>>> >>>
>>> >>> I've read https://www.owasp.org/images/c/c1/Cpe_guidelines.pdf but
>>> I'm
>>> >>> wondering if folks have sought to have their training and meetings
>>> >>> recognised by ISC^2. I spoke to a director of ISC^2 and he seemed
>>> >>> supportive.
>>> >>>
>>> >>> Offering CPE credits would be yet another draw card for those
>>> running ailing
>>> >>> chapters. However I'm keen to understand the recognition process and
>>> gotchas
>>> >>> from someone who has done it already.
>>> >>>
>>> >>> Thoughts?
>>> >> Andrew,
>>> >>
>>> >> Can you elaborate? I've used OWASP activities for CPEs
>>> >> for ISC^2 for years, including my development contributions
>>> >> to ESAPI. Are you talking about some formal program that
>>> >> we designate being worth so many CPE credits ahead of time
>>> >> and then have a formal sign-off for ISC^2, SANS, etc.?
>>> >> As far as how many CPE credits you get for a specific
>>> >> activity, I think that varies by which organization you are
>>> >> submitting them to.
>>> >>
>>> >> -kevin
>>> >> --
>>> >> Blog: http://off-the-wall-security.blogspot.com/
>>> >> NSA: All your crypto bit are belong to us.
>>> >> _______________________________________________
>>> >> OWASP-Leaders mailing list
>>> >> OWASP-Leaders at lists.owasp.org
>>> >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>
>
> _______________________________________________
> OWASP-Leaders mailing listOWASP-Leaders at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140806/f828cff6/attachment.html>


More information about the OWASP-Leaders mailing list