8570 awaiting endorsement question

I read somewhere in the forums that after passing the CISSP you meet 8570 requirements while pending endorsement. Can anyone verify this and give a source? Also how would an employeer verify you passed?

Sorry to start a new thread but I didn't want to resurrect from the middle of an old one.

Find more posts tagged with

Comments

rogue2shadow

The "Associate of ISC2" (CISSP only) status will qualify for most levels of work but it all depends on what the client specifies.
See:
Dept of Defense Directive: DoDD 8570
http://www.dtic.mil/whs/directives/corres/pdf/857001m.pdf - official documentation

You have an exam/member number for verification:
https://webportal.isc2.org/custom/certificationverification.aspx

Rick1

From what I've read your either a CISSP or Associate when the endorsement process ends. Simply passing gives me no status until I either concede experience requirements or prove them. I checked my ISC status on their website and Im still listed as a nonmember.

I origionally thought passing the exam automatically made me an associate but it is not appearing to be the case.

rogue2shadow

The email I got post passing stated the following:

Dear : <Candidate>

Congratulations! It gives me great pleasure to inform you that you have passed the (ISC)2 credential examination and are now an Associate of (ISC)2.

I had a little less than a year left before I felt ready to take the test and signed up for the "Associate (CISSP)" exam at registration (same exam just different status attempt?). I just put in my package in Februrary.

afcyung

DoD 8570 Information Assurance Workforce Improvement Program

There is a chart at the above that tells you what certs qualify for what positions.

Rick1

I checked and my email says nothing about being an associate. Also running though verification provided no results. At worst I can say I passed it and do a con call with an employeer and ISC2 to confirm my test results.

rogue2shadow

Rick1 wrote: »

I checked and my email says nothing about being an associate. Also running though verification provided no results. At worst I can say I passed it and do a con call with an employeer and ISC2 to confirm my test results.

Sounds like an idea; I'd also contact member services.

afcyung

Rick1 wrote: »

I checked and my email says nothing about being an associate. Also running though verification provided no results. At worst I can say I passed it and do a con call with an employeer and ISC2 to confirm my test results.

If you are required to have the CISSP or Associates designation you will need to actually hold the credential so the cert can be released to the DOD for tracking purposes. This is something you initiate but the ISC2 and the DOD complete.

Rick1

afcyung wrote: »

If you are required to have the CISSP or Associates designation you will need to actually hold the credential so the cert can be released to the DOD for tracking purposes. This is something you initiate but the ISC2 and the DOD complete.

Absolutely right I'm more worried about allowing a new employer to verify I passed though. Right now I'm filling in on a position that I don't like to try a get a foot in the door with a great company. They have plans for nabbing me since I passed my exam everything is so slow going and it could be months before I'm in a better position. CISSP lets me write my own ticket out, but I cant use it. I'm starting to think I should have gone for my ISC2 Associate since I would have gotten it immediately, and after passing the exam I could immediately have submitted all my documentation and waited 6 more weeks.

I'm not at all impressed with this wait, I emailed ISC with my concerns and havent recieved any response. I don't understand how I could pass an exam of this caliber and be expected to wait 3 months to even have a status with ISC2. What really bothers me is my MCITP is on hold because I want it to cover CE requirements. It not a big deal, I'm a life long learner so CE requirements never bother me at all, its just that I already bought the vouchers and wanted have this year's requirements knocked out ASAP.

Thanks for your help guys. Off topic, are these kinds of waits the same for CISSP-ISSEP? I'm looking at getting ISSEP around October so I'd have it in November but right now I'm thinking I should probabaly go for it in Sept/August if these waits are the norm.

afcyung

Rick1 wrote: »

Thanks for your help guys. Off topic, are these kinds of waits the same for CISSP-ISSEP? I'm looking at getting ISSEP around October so I'd have it in November but right now I'm thinking I should probabaly go for it in Sept/August if these waits are the norm.

Why the ISSEP and not say the ISSMP?

Rick1

afcyung wrote: »

Why the ISSEP and not say the ISSMP?

There are more opportunities where I'm at for ISSEP. Most jobs I see in my area (Hampton Roads, VA) want 8510.01 compliance for DoD accredidation and for where I'm at now that looks to be where the $$$ is. Plus ISSEP doesnt require additional experience. I'd like to go ISSMP eventually but ISSEP looks like something I can have done this year.

afcyung

If they actually want you to do C&A, the CAP form ISC2 is much more focused on that topic and going to be way more applicable than the ISSEP.

Rick1

I see what your getting at but from what I can tell ISSEP really is right up my alley. Since I work with the DoD ISSEP really looks targeted at my audience and complements my ITIL experience. Where CAP is more or less is focused on accredation of systems it seems ISSEP is more on accredation of processes and projects. Obviously both certs cover some of the same material but ISSEP looks to have the higher ground.

I just hope the new ISSEP CBK gets realeased soon, the only real study guide I have to work with now is the DoD Instructions and NST docs, since the old study guides are horribly out of date. ISC Says an updated CBK is comming soon... If they tell me 4-6 weeks I might go postal

Just FYI for anyone else reading...

CAP Domains https://www.isc2.org/cap/default.aspxf
Understanding the Security Authorization of Information Systems
Categorize Information Systems
Establish the Security Control Baseline
Apply Security Controls
Assess Security Controls
Authorize Information System
Monitor Security Controls

CISSP-ISSEP https://www.isc2.org/issep.aspx

Systems Security Engineering
Certification and Accreditation (C&A)/Risk Management Framework (RMF)
Technical Management
U.S. Government Information Assurance Related Policies and Issuances