[Owasp-leaders] CPE credits for OWASP training and meetings

Tobias tobias.gondrom at owasp.org
Wed Aug 6 23:28:00 UTC 2014


Thanks. That's what I meant.
Simple, easy, straight forward.
Thanks, Tobias


On 06/08/14 23:14, Fabio Cerullo wrote:
> guys
>
> please find below the template I used for chapter meetings.
>
> https://www.owasp.org/index.php/File:Certificate_of_participation.ppt
>
> regards
> Fabio
>
>
> On Wed, Aug 6, 2014 at 8:02 PM, Robert Shullich
> <robert.shullich at owasp.org <mailto:robert.shullich at owasp.org>> wrote:
>
>     I disagree. And you are only thinking ISC2 here, but they are not
>     the only player in Town.
>
>     I can tell you the some of the other associations, especially EC
>     council (how many CEH out there) won't award the CPE unless the
>     documents are in Oder and presented with the CPE request.  
>
>     This response of "no need" is a dis service to the OWASP community
>     and membership.
>
>     As far as the work, the easiest and least work I have seen, used
>     at ISSA Exec Forum and at the NYC ASIS conference is printing a
>     bunch of blank certificates, with the date/time of the meeting,
>     CPE awarded, titles of presentations, etc, with the name blank,
>     the form is given out at the meeting towards the end, you can
>     leave it at the sign in table, the attendee if they want one then
>     takes it, writes in their own name, and they have a COA.
>
>
>
>     Sent from my iPhone
>     Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>     Enterprise Security Architect
>     Tower Group Companies
>     Pro Box 026156
>     Brooklyn NY 11202
>     (201) 291-7432 (Direct)
>     (201) 221-8767 (Fax)
>     (908) 419-5417 (Mobile)
>
>
>     On Aug 6, 2014, at 1:13 PM, Tobias <tobias.gondrom at owasp.org
>     <mailto:tobias.gondrom at owasp.org>> wrote:
>
>>     Hi Andrew,
>>
>>     there is no need for a certificate.
>>     For ISC2 people just file the CPE activity and hours in their
>>     system and that's it. Randomly they may ask for documentation, in
>>     which case, I suggest for trainings and meetings you sent them a
>>     link to the chapter meeting or the registration confirmation PDF
>>     from AppSec or the training.
>>
>>     No need for us to do any additional certificate bureaucracy.
>>
>>     Cheers, Tobias
>>
>>
>>     On 06/08/14 09:55, Andrew Muller wrote:
>>>     Thanks Fabio,
>>>       This is completely foreign to me so I need to know as much
>>>     detail as possible :)
>>>
>>>     Can you please share the certificate format with us? Perhaps we
>>>     can standardise across all chapter meetings and events.
>>>
>>>     Andrew
>>>
>>>     On Wednesday, 6 August 2014, Fabio Cerullo <fcerullo at owasp.org
>>>     <mailto:fcerullo at owasp.org>> wrote:
>>>
>>>         Guys
>>>
>>>         Each hour of training delivery, etc qualifies for a CPE
>>>         credit. So in case you organized a 1 hour webcast or
>>>         in-person delivery, each participant obtains 1 CPE.
>>>
>>>         The way we organised this for chapter meetings is by
>>>         providing each attendee a certificate of attendance and then
>>>         they are responsible for submitting them to ISC2.
>>>
>>>         Regards
>>>         Fabio
>>>
>>>         On Wednesday, August 6, 2014, Robert Shullich
>>>         <robert.shullich at owasp.org> wrote:
>>>
>>>
>>>
>>>             Sent from my iPhone
>>>             Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>>>             Enterprise Security Architect
>>>             Tower Group Companies
>>>             Pro Box 026156
>>>             Brooklyn NY 11202
>>>             (201) 291-7432 (Direct)
>>>             (201) 221-8767 (Fax)
>>>             (908) 419-5417 (Mobile)
>>>
>>>
>>>             > On Aug 6, 2014, at 12:12 AM, Robert Shullich
>>>             <rshullic at mindspring.com> wrote:
>>>             >
>>>             > Last year ISC2 ran a booth at AppSecUSA 2013 and gave
>>>             automatic conference credits if you went by the booth
>>>             and got scanned.
>>>             >
>>>             > That being be different, there is three ways to go:
>>>             >
>>>             > Do nothing
>>>             > Get a relationship with ISC2 where we report the CPE
>>>             for the person
>>>             > Provide a certificate of attendance and let the person
>>>             then self report
>>>             >
>>>             > I'd go with the last one ax a personal preference
>>>             although 2&3 together would be even better. The
>>>             certificate of attendance is audit proof and can be used
>>>             for multiple assoc. I have certs with ACCEI, ICCP, IAPP,
>>>             ISC2, EC Council, ASIS and ISACA and maybe some more I
>>>             can't recall. A certificate and self report works for me.
>>>             >
>>>             > Now in the case of 1 - do nothing - the person can
>>>             still self report but getting audited could be a challenge.
>>>             >
>>>             > Sent from my iPhone
>>>             > Robert Shullich, CPP, CISSP, CISM, GSEC, CIPP/US
>>>             > Enterprise Security Architect
>>>             > Tower Group Companies
>>>             > Pro Box 026156
>>>             > Brooklyn NY 11202
>>>             > (201) 291-7432 (Direct)
>>>             > (201) 221-8767 (Fax)
>>>             > (908) 419-5417 (Mobile)
>>>             >
>>>             >
>>>             >>> On Aug 5, 2014, at 11:29 PM, "Kevin W. Wall"
>>>             <kevin.w.wall at gmail.com> wrote:
>>>             >>>
>>>             >>> On Tue, Aug 5, 2014 at 10:00 PM, Andrew Muller
>>>             <andrew.muller at owasp.org> wrote:
>>>             >>> Hi folks,
>>>             >>> I'm currently running some free ZAP training with
>>>             Simon telepresenting the
>>>             >>> content. Someone asked about CPE credits and I
>>>             answered with an emphatic I
>>>             >>> don't know.
>>>             >>>
>>>             >>> I've read
>>>             https://www.owasp.org/images/c/c1/Cpe_guidelines.pdf but I'm
>>>             >>> wondering if folks have sought to have their
>>>             training and meetings
>>>             >>> recognised by ISC^2. I spoke to a director of ISC^2
>>>             and he seemed
>>>             >>> supportive.
>>>             >>>
>>>             >>> Offering CPE credits would be yet another draw card
>>>             for those running ailing
>>>             >>> chapters. However I'm keen to understand the
>>>             recognition process and gotchas
>>>             >>> from someone who has done it already.
>>>             >>>
>>>             >>> Thoughts?
>>>             >> Andrew,
>>>             >>
>>>             >> Can you elaborate? I've used OWASP activities for CPEs
>>>             >> for ISC^2 for years, including my development
>>>             contributions
>>>             >> to ESAPI. Are you talking about some formal program that
>>>             >> we designate being worth so many CPE credits ahead of
>>>             time
>>>             >> and then have a formal sign-off for ISC^2, SANS, etc.?
>>>             >> As far as how many CPE credits you get for a specific
>>>             >> activity, I think that varies by which organization
>>>             you are
>>>             >> submitting them to.
>>>             >>
>>>             >> -kevin
>>>             >> --
>>>             >> Blog: http://off-the-wall-security.blogspot.com/
>>>             >> NSA: All your crypto bit are belong to us.
>>>             >> _______________________________________________
>>>             >> OWASP-Leaders mailing list
>>>             >> OWASP-Leaders at lists.owasp.org
>>>             >> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>             _______________________________________________
>>>             OWASP-Leaders mailing list
>>>             OWASP-Leaders at lists.owasp.org
>>>             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>>
>>>     _______________________________________________
>>>     OWASP-Leaders mailing list
>>>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>>>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140807/08d75851/attachment-0001.html>


More information about the OWASP-Leaders mailing list