ISC2 Associate Status is a scam.
[Deleted User]
Posts: 0 ■■□□□□□□□□
in (ISC)²
[Rant] I am fine with a probationary status, but where you have to be very, very careful with what is put on a resume after passing their overpriced tests (Luckily my school program paid for this one.) and not meeting the experience requirements, is a scam. I have to pay $50 to be an Associate and not be able to say even what exam I passed? As if Certs in this day and age weren't finding enough ways to bleed more money out of us as it is. If there is going to be this kind of restriction then they should not let people who are outside of a year of the work experience required to even sit for the tests. I am probably a little less than two years shy of the work experience needed for full certification for the CCSP.
I figured I would be able to say passed CCSP exam or Provisionally passed on my resume, but nope you have to be very careful saying anything about the actually exam that was passed if you are not fully certified. I am fine with wanting to be seen as prestigious, but pretty much negating the accomplishment of passing the test with severe restrictions from adding it to a resume or linkedin is theft. No one cares if you are an Associate of ISC2. They want to know what exam you passed.
I understand many will disagree with me, but I hope you would understand why I feel this way. After spending all that time studying and stressing over the test to be told you can pretty much only put ISC2 Associate on your resume, instead of identifying the exam at least, is just wrong. What stinks, is for me to advance in my position, I need to get the CISSP down the road and I would rather not give more blood money to ISC2.
And no I did not go searching through all of ISC2's horribly designed website to know before taking the test that I couldn't even mention CCSP on my resume outside of very specific wording (there is a ISC2 forum discussion that talks about the proper wording). I figured, after reading the obvious requirements that, "Oh, okay I will be a CCSP Associate or something." Nope I am just an Associate and if I put "CCSP" anywhere around it, I could have my Associate status revoked and be banned from getting any other ISC2 certs. Sorry that is just ridiculous. Yes, I understand people could trick potential employers into thinking they are fully certified when they are not. That is why ISC2 should give Provisional Certs or something specific to the test taken that shows an individual has not quite met all the requirements for full certification, but has passed the exam. I would take a piece of paper that says, "Not Fully CCSP Certified, but Passed the Exam." over this "give us 50 bucks, so you can say you know ISC2....and that's it. Garbage restrictions. [End Rant]
I figured I would be able to say passed CCSP exam or Provisionally passed on my resume, but nope you have to be very careful saying anything about the actually exam that was passed if you are not fully certified. I am fine with wanting to be seen as prestigious, but pretty much negating the accomplishment of passing the test with severe restrictions from adding it to a resume or linkedin is theft. No one cares if you are an Associate of ISC2. They want to know what exam you passed.
I understand many will disagree with me, but I hope you would understand why I feel this way. After spending all that time studying and stressing over the test to be told you can pretty much only put ISC2 Associate on your resume, instead of identifying the exam at least, is just wrong. What stinks, is for me to advance in my position, I need to get the CISSP down the road and I would rather not give more blood money to ISC2.
And no I did not go searching through all of ISC2's horribly designed website to know before taking the test that I couldn't even mention CCSP on my resume outside of very specific wording (there is a ISC2 forum discussion that talks about the proper wording). I figured, after reading the obvious requirements that, "Oh, okay I will be a CCSP Associate or something." Nope I am just an Associate and if I put "CCSP" anywhere around it, I could have my Associate status revoked and be banned from getting any other ISC2 certs. Sorry that is just ridiculous. Yes, I understand people could trick potential employers into thinking they are fully certified when they are not. That is why ISC2 should give Provisional Certs or something specific to the test taken that shows an individual has not quite met all the requirements for full certification, but has passed the exam. I would take a piece of paper that says, "Not Fully CCSP Certified, but Passed the Exam." over this "give us 50 bucks, so you can say you know ISC2....and that's it. Garbage restrictions. [End Rant]
Comments
-
PC509 Member Posts: 804 ■■■■■■□□□□I get your complaint, except for the last paragraph. That information is out there, asked weekly in various forums, and they are pretty up front about the Associate of ISC(2) if you don't have the experience.
They should allow you to put in the Associate of ISC(2) - CCSP. I can see why they don't (treat it the same as the full CCSP, with experience), but it's still a pain. -
[Deleted User] Posts: 0 ■■□□□□□□□□I completely understand not treating it as a full cert, but they should provide a method for letting potential employers, via resume, know an individual passed a specific exam. Colleges/Universities provide unofficial transcripts, ISC2 could do the same.
My rant is based on passing what I thought was a pretty impressive test for my experience, but my resume gets to remain CCSP free, because ISC2 won't come up with a better way of rewarding less experienced test takers. It just bites that in the competitive field of Information Technology where every little thing helps, I can't really even mention an industry exam that could give me a boost over the competition. Just frustrating, but yes I will survive and live another day, though slightly more salty about the world of computer certs.
-
JoJoCal19 Mod Posts: 2,835 ModHow far off are you from gaining the requisite experience to be able to apply for full CCSP status? If it's a year or less, then just know that it's sitting there waiting for you once you're ready. If it's much more than that, I really don't understand the logic of testing for something you can't utilize for a long time. In that case I'd have gone for the CCSK instead. If you're looking to get some recognition for cloud knowledge on your resume quickly, I'd look into that.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□selloursouls said:And no I did not go searching through all of ISC2's horribly designed website to know before taking the test that I couldn't even mention CCSP on my resume outside of very specific wording (there is a ISC2 forum discussion that talks about the proper wording). I figured, after reading the obvious requirements that, "Oh, okay I will be a CCSP Associate or something." Nope I am just an Associate
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□selloursouls said:I completely understand not treating it as a full cert, but they should provide a method for letting potential employers, via resume, know an individual passed a specific exam.
That would pretty much defeat the purpose of requiring the experience. -
cyberguypr Mod Posts: 6,928 ModYou studied for that CCSP right? ISC2 code of ethics says nothing about restrictions on listing what you studied for.
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□cyberguypr said:You studied for that CCSP right? ISC2 code of ethics says nothing about restrictions on listing what you studied for.
-
stryder144 Member Posts: 1,684 ■■■■■■■■□□cyberguypr said:You studied for that CCSP right? ISC2 code of ethics says nothing about restrictions on listing what you studied for.The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
Connect With Me || My Blog Site || Follow Me -
PCTechLinc Member Posts: 646 ■■■■■■□□□□cyberguypr said:I went to the EC Council School of Sneakyness. LOL!
Master of Business Administration in Information Technology Management - Western Governors University
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College -
internutzz Member Posts: 15 ■■■□□□□□□□stryder144 said:I was going to suggest the very same thing. Also, if I am not mistaken, they do give you access to a digital badge that says Associate - (ISC)2 - CCSP that you can post to your LinkedIn page. I could most definitely be wrong on that one, so further research, or if another member here knows if that is right or wrong, would be needed.
This is the CCSP one: https www youracclaim com /org/isc2/badge/associate-of-isc.4
(I'm too new to post links so you'll need to fill in the blanks)
-
UnixGuy Mod Posts: 4,570 ModUmm I don't understand the problem, so you put ISC2 associate CCSP , why is that bad?you still have the keyword , you have a proof that you have knowledge...and I can bet many (if not most) hiring managers don't know that difference between CCSP and associate CCSP, and those who do will appreciate that you have the knowledge. No stress.Congrats on passing, you're overthinking it. I have all my 'expired' certs in my CV...no one asks me what's recent and whats not, including a CCNA from 2006 (granted i don't work as a network engineer, but the cert is still a proof that I have the knowledge).
-
cyberguypr Mod Posts: 6,928 ModNo, no. He can put "Associate of ISC2", that's it. No CCSP at all. Therefore my "Studied for CCSP" recommendation under "recent accomplishments" or whatever. That way the keyword hits.
-
shochan Member Posts: 1,014 ■■■■■■■■□□I still think the whole associate status is dumb, if you passed the exam, you should be able to put it on your resume/web blog/wherever. If a person doesn't qualify for the exam due to experience or whatever, then they shouldn't get to sit for it.CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
-
the_Grinch Member Posts: 4,165 ■■■■■■■■■■Are you currently working? If so, if you've setup users in Active Directory for a year you have the required experience (in my opinion). Setup someone with VPN access? That's another domain. My experience if ISC2 is they're pretty generous in what counts towards experience.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
mikey88 Member Posts: 495 ■■■■■■□□□□the_Grinch said:Are you currently working? If so, if you've setup users in Active Directory for a year you have the required experience (in my opinion). Setup someone with VPN access? That's another domain. My experience if ISC2 is they're pretty generous in what counts towards experience.
You are confusing SSCP with CCSPCerts: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux -
internutzz Member Posts: 15 ■■■□□□□□□□shochan said:I still think the whole associate status is dumb, if you passed the exam, you should be able to put it on your resume/web blog/wherever. If a person doesn't qualify for the exam due to experience or whatever, then they shouldn't get to sit for it.
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□shochan said:I still think the whole associate status is dumb, if you passed the exam, you should be able to put it on your resume/web blog/wherever. If a person doesn't qualify for the exam due to experience or whatever, then they shouldn't get to sit for it.
Its like people taking out a college loans and then after they are done with college complaining they have to pay back all that money. Or we've seen a bunch on this site some people complaining about what college courses they need to take AFTER they have been going for like 2-3 years!
"they shouldn't get to sit for the exam"??? They should know what is gonna happen before they do something. If someone wants the Associate title they can get it, if they don't they should wait til have all the requirements. ISC2 doesn't hide this fact or make it hard to understand. (even though the OP was trying use that excuse) We all gotta grow up and take some responsibility for our actions at some point.
-
the_Grinch Member Posts: 4,165 ■■■■■■■■■■mikey88 said:the_Grinch said:Are you currently working? If so, if you've setup users in Active Directory for a year you have the required experience (in my opinion). Setup someone with VPN access? That's another domain. My experience if ISC2 is they're pretty generous in what counts towards experience.
You are confusing SSCP with CCSPValid experience includes information systems security-related work performed, or work that requires information security knowledge and involves direct application of that knowledge. Experience must fall within one or more of the seven domains of the (ISC)² SSCP CBK:
- Domain 1. Access Controls
- Domain 2. Security Operations and Administration
- Domain 3. Risk identification, Monitoring, and Analysis
- Domain 4. Incident Response and Recovery
- Domain 5. Cryptography
- Domain 6. Network and Communications Security
- Domain 7. Systems and Application Security
VPN = Network and Communications Security
Backups = Incident Response and Recovery
Unless I'm missing something?WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
mikey88 Member Posts: 495 ■■■■■■□□□□the_Grinch said:if you've setup users in Active Directory for a year you have the required experience.Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux
-
UnixGuy Mod Posts: 4,570 Modcyberguypr said:No, no. He can put "Associate of ISC2", that's it. No CCSP at all. Therefore my "Studied for CCSP" recommendation under "recent accomplishments" or whatever. That way the keyword hits.
-
wd40 Member Posts: 1,017 ■■■■□□□□□□the_Grinch said:Are you currently working? If so, if you've setup users in Active Directory for a year you have the required experience (in my opinion). Setup someone with VPN access? That's another domain. My experience if ISC2 is they're pretty generous in what counts towards experience.I had a similar experience when I passed the CISA exam, I though I didn't have the experience but my mentor told me to apply and see what happens.So, I sent ISACA an e-mail saying I do backups and I am the Business Continuity Management coordinator.They said tick the boxes, sign the form and pay the fees, so I did that and now I am a CISA.
-
VipreArmed Registered Users Posts: 10 ■■■□□□□□□□Hey everyone,
I've been working at a medical facility for the last 6+ years and am currently a Sr. Systems Admin. It's a small facility that has 3 other satellite locations and I've been pretty much their IT/Security/Compliance guy (you name it) during this time. I currently hold a CompTIA Security+ certification and some smaller heatlhcare certs but I'm looking to add on and part of my contract renewal I managed to get my employer to pay for future certifications and training.
I'm preparing to take the HCISPP exam so my question is how do they go about verifying experience? You need 2 years of experience (1 in healthcare) so I figure I check all the boxes but just curious to how they go about verification? Is it as simple as contacting your employer or what? I don't want to take this exam and have to be known as an Associate if I don't have to. -
stryder144 Member Posts: 1,684 ■■■■■■■■□□VipreArmed said:Hey everyone,
I've been working at a medical facility for the last 6+ years and am currently a Sr. Systems Admin. It's a small facility that has 3 other satellite locations and I've been pretty much their IT/Security/Compliance guy (you name it) during this time. I currently hold a CompTIA Security+ certification and some smaller heatlhcare certs but I'm looking to add on and part of my contract renewal I managed to get my employer to pay for future certifications and training.
I'm preparing to take the HCISPP exam so my question is how do they go about verifying experience? You need 2 years of experience (1 in healthcare) so I figure I check all the boxes but just curious to how they go about verification? Is it as simple as contacting your employer or what? I don't want to take this exam and have to be known as an Associate if I don't have to.
The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
Connect With Me || My Blog Site || Follow Me -
VipreArmed Registered Users Posts: 10 ■■■□□□□□□□stryder144 said:VipreArmed said:Hey everyone,
I've been working at a medical facility for the last 6+ years and am currently a Sr. Systems Admin. It's a small facility that has 3 other satellite locations and I've been pretty much their IT/Security/Compliance guy (you name it) during this time. I currently hold a CompTIA Security+ certification and some smaller heatlhcare certs but I'm looking to add on and part of my contract renewal I managed to get my employer to pay for future certifications and training.
I'm preparing to take the HCISPP exam so my question is how do they go about verifying experience? You need 2 years of experience (1 in healthcare) so I figure I check all the boxes but just curious to how they go about verification? Is it as simple as contacting your employer or what? I don't want to take this exam and have to be known as an Associate if I don't have to. -
StrikingInfluencer Member Posts: 38 ■■■□□□□□□□As someone who recently passed the CISSP and had the experience I understand your frustration, however there is a reason why the (ISC)2 certifications are highly sought after. I was initially offered (through my employer) the opportunity to take a CISSP boot-camp with the expectation that I would acquire the CISSP afterwards. At the time I only had 1 year of security experience and a few years of other related IT experience. I declined, because I knew I wouldn't be able to get a full-blown CISSP and I thought it would be better to just wait and gain more experience and other certs like the Security+. Two years later, I self studied for the exam and passed it, immediately becoming a full-blown CISSP.I actually really appreciate the (ISC)2 verification and credentialing process of holding members to a higher standard with both experience and knowledge. As many on here have said, it's no surprise and their website isn't that difficult. They make it abundantly clear that if you don't have experience you cannot identify with their certifications.
-
JDMurray Admin Posts: 13,094 AdminIf this is about getting a keyword on your resume, using this on your resume is what I would recommend:
Associate of (ISC)2 (passed exam_name exam on mm/dd/yyyy) -
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□JDMurray said:If this is about getting a keyword on your resume, using this on your resume is what I would recommend:
Associate of (ISC)2 (passed exam_name exam on mm/dd/yyyy) -
VipreArmed Registered Users Posts: 10 ■■■□□□□□□□Appreciate it everyone. I'm probably overthinking it because again, I feel like I have the experience to do it but it was a little disappointing when I started reading stories of people passing their exams and being unable to use the certification on a resume, LinkedIn, etc. I've been in IT for over 10 years and as I said the last 6 have been at medical facility.