CISM experience verification

ay092017ay092017 Member Posts: 21 ■□□□□□□□□□
This topic has been discussed in this forum from several different angles but none could answer my specific circumstance. Hoping someone dealt with this issue in the past.
I am studying for CISM exam and looking optimistically down the road at the certification application.

My situation is that I am no longer with my former employer where I had accumulated 6 years of InfoSec experience across the CISM job practice areas. Further, due to major re-orgs, layoffs, and voluntary separations there is no one currently employed there who can verify more than 2 years of this experience.

Here is my question
My direct supervisor for 5 of those experience years retired not long ago.
Can I use this person as my verifier on the certification application?
This person is no longer employed by my former company where I gained this experience but I reported to him for the 5 years in question.

thank you in advance,

Comments

  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    The only official answers to your questions can come from ISACA itself. I would encourage you to contact ISACA using the information provided by the link below and post the reply here.

    How to Become CISM Certified

    Certified Information Security Manager - IT Certification - CISM | ISACA
  • SnooperSnooper Member Posts: 29 ■□□□□□□□□□
    Wow - Just the thread I needed to start but OP beat me to it so I will post my questions here instead of starting another thread about it.
    Hi Guys and Gals
    I worked for same company in Technical Support / Security co-ordinator/ Technical Analyst for 12 years. During this time I did lot of physical and information security work, managed Information systems, planned BCP, did disaster recovery tests, Was involved in creating Security Governance policy and implementing it, audited users and information systems for compliance, Was the SME for educating users about cyber policy, isolated malware, analyzed SIEM logs and configured firewalls and IPS devices but I think I made one big mistake - i never bothered about insisting on changing job title so it always remained technical support analyst. I definately have the requisite management experience.
    I got laid off about 6 months due to restructing. I want to take CISM exam but have pretty much smiliar questions as OP mentioned in this thread.
    1. Can somone else, who is a CISM himself (in good standing, with knowledge of my work but not from same organization) vouch for my experience? I don't want to contact my ex manager(s) or anyone in that organization now.
    2. If not, can I take the test, qualify and get a chance to fullfill requirements within 5 years?
    3. Is it possible for me to qualify the test and submit the verification form directly to Isaca in which case they can contact employer directly?
    4. Any other suggestions for me in this situation? I am close to scheduling exam but this verification system is discouraging to say the least.
    Thank you, in advance for any suggestions and for your time.
  • ay092017ay092017 Member Posts: 21 ■□□□□□□□□□
    JDMurray wrote: »
    The only official answers to your questions can come from ISACA itself. I would encourage you to contact ISACA using the information provided by the link below and post the reply here.

    How to Become CISM Certified

    Certified Information Security Manager - IT Certification - CISM | ISACA

    Thanks for the guidance. I have sent several messages to ISACA asking about this with no reply.
    Hoping someone out there has been through this. This must be a common issue. I contacted my former employer to discuss and HR said that even if someone was there to verify they can not because company policy limits them to confirming title, salary, and employment dates.
    Thanks again!
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    Rather than asking the business and getting their lawyer's boilerplate answer, ask the person directly for an endorsement. There is no legal commitment made or implied when endorsing someone for a cert from ISACA or (ISC)2.
  • ay092017ay092017 Member Posts: 21 ■□□□□□□□□□
    I got a response from ISACA on this question.

    "Yes, you former supervisor can attest to your work experience. On the verification form, he would list his current employment details then list the name of the company for which he is verifying your work experience in the box above question # 1 on page V-1."

    This is good news for me. I hope this information helps others but agree with the advice below to ask ISACA about your specific circumstances to be sure.

    ay092017 wrote: »
    This topic has been discussed in this forum from several different angles but none could answer my specific circumstance. Hoping someone dealt with this issue in the past.
    I am studying for CISM exam and looking optimistically down the road at the certification application.

    My situation is that I am no longer with my former employer where I had accumulated 6 years of InfoSec experience across the CISM job practice areas. Further, due to major re-orgs, layoffs, and voluntary separations there is no one currently employed there who can verify more than 2 years of this experience.

    Here is my question
    My direct supervisor for 5 of those experience years retired not long ago.
    Can I use this person as my verifier on the certification application?
    This person is no longer employed by my former company where I gained this experience but I reported to him for the 5 years in question.

    thank you in advance,
  • SnooperSnooper Member Posts: 29 ■□□□□□□□□□
    I will also ask ISACA but am sure there must be lots of people here who had similar issues. Would love to hear from them how they went about it. Perhaps submitting the verification form directly to isaca may be my only option
  • soooowutnowsoooowutnow Member Posts: 83 ■■■□□□□□□□
    How'd this work out for you?  I am contacting a former supervisor now...
    2018 Achievements:
    Cloud Essentials SME
    Project+
    CRISC

    2019 To conquer:
    Maybe CGEIT? I don't know - help!
  • andyveazeyandyveazey Registered Users Posts: 2 ■■□□□□□□□□
    For me it all worked out fine. My former manager was able to attest to my experience and I was certified. Good luck!
Sign In or Register to comment.