Possible audit prior to being certified

JustMeAgainJustMeAgain Member Posts: 4 ■□□□□□□□□□
I am very concerned about the CISSP exam. I am very concerned about the endorsement. But I am scared to death of being audited prior to certification (if, of course, I even pass the exam). The reason: I have worked for companies that have merged with or have been bought out by other companies. I will not be able to find all the people who would be able to vouch for me and my background. One person has even passed away.

Is the audit really random? I wonder what the chances are of being selected for audit.


  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    HR people at those companies should still be able to vouch for your employment, and I would be surprised if it was that hard to find people who were familiar with your work, at least at those jobs you'd worked in the past 2-3 years.

    Don't worry about it.
  • IraqGun2CISSPIraqGun2CISSP Member Posts: 9 ■□□□□□□□□□
    Whenever I pass, I'll go the "Associate of ISC2" route. There are some CISSPs in my company but they don't know me well, as I work in a different section.

    I'm chasing down written letters from my previous jobs, by reaching out to the HR Depts to get something in writing to vouch for my prior applicable employment. Once I have the letters, then it is just a matter of finding a current CISSP either in my company (or outside) that MIGHT be willing to vouch for me for endorsement.

    Of course, by that time, I will have collected all the applicable letters which indicate my experience, which I will provide upon request to any CISSP willing to endorse me.

    No CISSPs were in my previous jobs, so finding a way to fill those gaps is an issue I will have to contend with as well.
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,712 Admin
    Is the audit really random? I wonder what the chances are of being selected for audit.
    I suppose it depends on how many CISSP candidates are waiting for their exam results. The exam results notification seems to be in the 2-3 week range, so the (ISC)2 probably can't audit even 50% of the candidates themselves. I assume the candidates that are really off the baseline for experience are automatically audited.

    The purpose of having an endorser is to have someone already approved by the (ISC)2 perform a pre-audit on a candidate to determine if "Associate of the (ISC)2" is a more appropriate designation for them. A endorser who doesn't follow the (ISC)2 standards for CISSP candidate acceptability is not doing him/herself any favors. The level of respectability your endorser has with the (ISC)2 may also have an influence too.
Sign In or Register to comment.