Releasing Certs to DoD... How long does this process take for (ISC)2?

Request release: 25 May
Certificate release to DOD: 08 June

Luckily, I had the Sec+, as my employers apparently had an "end-of-May" deadline to get this stuff, and they waited until 5 days before the end of the month. Apparently, people hired on earlier had already done this ... whatever. COMPTIA was pretty quick, but (ISC)2 ... likes to take their time with things, I've noticed. (If you've ever had to wait on them for test results, endorsement verification, final award of cert, etcetera, then you understand what I'm saying.)

EDIT: They released the certificate to DoD today, a couple hours after making the initial post (how fortunate).

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

JDMurray

Checking if you are certified is done through the isc2.org Web site. Does it indicate that you have the full CISSP certification?

Psyco32

Not sure if the entire DoD is using a tracking database for certifications. The Army is using ATCTS (Army training and certification tracking system). You have the option of manually inputting any certifications you have and your Sys admin/Unit POC can verify that you have the cert. Another thing that I have experienced, is that if you did input the cert manually, the system will not “auto update” properly once requested via DMDC until you delete the manual entry. Not sure if this the case with you….

JDMurray

I just noticed this on CompTIA's Web site:

Note for DoD personnel:
If you are a military service member or civilian employee of DoD and hold a baseline IA certification in fulfillment of 8570 requirements, you must register and release your certification information in the Defense Workforce Certification Application (DWCA). https://www.dmdc.osd.mil/appj/dwc/index.jsp.

colemic

I believe that for Army personnel/contractors, ATCTS is mandatory. It's what it used to pull stats for compliance at a higher level.

instant000

JDMurray wrote:

Checking if you are certified is done through the isc2.org Web site. Does it indicate that you have the full CISSP certification?

I already have the certification, even got the hardcopy certificate in the mail from (ISC)2 already, not worried as to whether or not I have the certification. And, yes, I have also logged on at isc2.org to verify my status, also. And, additionally, recently joined the LinkedIn group, which also checks back against isc2.org.

JDMurray wrote: »

I just noticed this on CompTIA's Web site:

Note for DoD personnel:
If you are a military service member or civilian employee of DoD and hold a baseline IA certification in fulfillment of 8570 requirements, you must register and release your certification information in the Defense Workforce Certification Application (DWCA). https://www.dmdc.osd.mil/appj/dwc/index.jsp.

Yes, JDMurray, I have to go through that site, and release my certs to DoD. Currently, it made it to the part where it says that my cert is valid, but they haven't yet sent the information to DoD yet, according to that same website.

Psyco32 wrote:

Not sure if the entire DoD is using a tracking database for certifications. The Army is using ATCTS (Army training and certification tracking system). You have the option of manually inputting any certifications you have and your Sys admin/Unit POC can verify that you have the cert. Another thing that I have experienced, is that if you did input the cert manually, the system will not “auto update” properly once requested via DMDC until you delete the manual entry. Not sure if this the case with you….

colemic wrote:

I believe that for Army personnel/contractors, ATCTS is mandatory. It's what it used to pull stats for compliance at a higher level.

Yeah, cool. That system seems to just be another, force-specific system. I believe that the Air Force has one, also. I sent them a scanned copy of my certs a while ago. This is a new one they sprung on me.

And, if you're currently working in a DoD capacity, I advise you to go ahead and logon to that site, to authorize release of your certs to DoD, so as to save yourself the potential hassle later. Note: as I stated in my first post, isc2 is slow. Fortunately, I had another cert that came back quicker, that verifies me for my current position, on the IA level.

Just to be clear, having the IA certification doesn't preclude the operating environment certification that they should be cracking down on also (according to 8570). That is, you should be certified in Oracle, if you work on Oracle databases, and certified in Cisco if working on Cisco kit. Some people seem to gloss over this part of the 8570, but it is very important.

I just hope that things don't hit the fan with people cheating the tests. I heard one guy just this morning, talking about he could be ready for the CCNA in two weeks, even though just last week he had no idea of what port security was. (and still has no idea this week)

colemic

JDMurray wrote: »

I just noticed this on CompTIA's Web site:

Yeppers but isn't doesn't get as much 'love' 9and by 'love,' I mean 'hate') as ATCTS. It's quite a hassle. It's supposed to empower the end users (cert holders) to maintain it themselves, but they almost always put themselves in the wrong org container and it becomes a mess quickly which the IA guy has to sort out.

instant000

Good thing I complained about this today.

I received a notification email that a certification provider had released my information to DoD a couple hours ago!

I guess (ISC)2 reads these forums, too!