Claiming CISSP

RanMic

I know someone claiming to be a CISSP on their resume and on LinkedIn and they are not. Should this person be ratted out? It irkes me becuase I studied for months and and am very proud and value my cert and this clown just adds it to his resume like it no problem or big deal.

Am I overracting? I think not.

Bundiman

It needs to be called out.

[h=2]Code of Ethics Canons:[/h]

• Protect society, the common good, necessary public trust and confidence, and the infrastructure.
• Act honorably, honestly, justly, responsibly, and legally.
• Provide diligent and competent service to principals.
• Advance and protect the profession.

emerald_octane

Absofreakinglutely. You have to be beyond lazy/cheap to fake this stuff. Why bother?

--chris--

Next question, when you see this how do you handle it? Contact the certification granting organization or confront them directly?

RanMic

Roger that! Thanks guys. I just noticed it today and really pi$$ed me off when I saw it.

RanMic

--chris-- wrote: »

Next question, when you see this how do you handle it? Contact the certification granting organization or confront them directly?

That was going to be my next question Chris. Thanks for asking.

JDMurray

As a member of the (ISC)2 in good standing, you should report it to the (ISC)2 and let them decide how to proceed. This is assuming that you are 100% certain of your accusation.

Bundiman

If it was someone I knew I would handle it. If it was still not resolved then I was pass their information and proof that they claimed to be a CISSP on to ISC2.

RanMic

Thanks for the info and guidence everyone. I will proceed with caution.

cyberguypr

I can't stand CISSPs. Oh wait...

GoodBishop

Can't you find out whether or not someone is one on the member directory site for ISC2?

paul78

GoodBishop wrote: »

Can't you find out whether or not someone is one on the member directory site for ISC2?

Yes - if a member is willing to be listed in the directory to be verified - you can verify certification status here - https://webportal.isc2.org/custom/certificationverification.aspx

RanMic

I ran this by one of my other CISSP friends that knows the person and she pointed out that the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that, and I did ask him about it over the weekend and he reiterated that he is claiming it as a skill. Not sure as a potential employer that I would be ok with that claim. If it was listed as IT security skills or something along those lines maybe I wouldn’t think much about it, but to list CISSP draws more attention. Then again like I said in my first post, maybe I'm overacting.

TechGuy215

Any perspective employer can verify if someone is a CISSP or not by the verification code on the certificate. If they are trying to fraud someone, they will eventually be caught.

qwertyiop

RanMic wrote: »

I ran this by one of my other CISSP friends that knows the person and she pointed out that the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that, and I did ask him about it over the weekend and he reiterated that he is claiming it as a skill. Not sure as a potential employer that I would be ok with that claim. If it was listed as IT security skills or something along those lines maybe I wouldn’t think much about it, but to list CISSP draws more attention. Then again like I said in my first post, maybe I'm overacting.

Trust me I know that it can be very misleading. Currently I work for a staffing/recruiting firm and I find that many recruiters will put that they are CISSP, CCNA, VCP and whatever other certifications on-there to attract attention and find potential hires. I've even hears other recruiting companies all some of our recruiters to offer tham a tech job because their LinkedIn profile said they were a CISSP. Mind you my recruiters have no real tech backround.

joebanny

If all they are saying is that they know "CISSP" like on their Linked in page or any such portal or even on resume, I don't think that is a violation, anyone familiar with the certification process or studying for the exam, boot camping etc should be able to say that, it will be a different story if they are saying they are certified, (a clear violation). So it all depends on what they are claiming- my opinion.

thegoodbye

RanMic wrote: »

I ran this by one of my other CISSP friends that knows the person and she pointed out that the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that, and I did ask him about it over the weekend and he reiterated that he is claiming it as a skill. Not sure as a potential employer that I would be ok with that claim. If it was listed as IT security skills or something along those lines maybe I wouldn’t think much about it, but to list CISSP draws more attention. Then again like I said in my first post, maybe I'm overacting.

The person may not be aware it has listed the CISSP as one of his skills. For example, I have CEH as one of my certifications on Linkedin, but it also shows up as one of my skills, even though I never put it there. Ever notice when using LinkedIn that it asks you if, "Does John Doe know about ?" If enough people select endorse for this skill, it will show up on their page.

Joel Goldstein

If you do find that you need to report someone for fraudulently claiming to be a CISSP or simply need clarification as to how to proceed, contact (ISC)2 Member Services at 866-331-4722 ext. 4.

NetworkVeteran

RanMic wrote: »

the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that

He is not making any false claims, so there's likely little you can do. His job is to impress future employers--not make his competition happy. If an employer needs a CISSP, he will be disqualified. If they just need a CISSP skill-set, game on. The same occurs in networking. Resumes will freely list accomplishing portions of certifications, such as "CCIE Written". If the "CCIE" can't prove they know more than the "CCIE Written", that's not such a good thing.

emerald_octane

RanMic wrote: »

but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert.

A much more elegant way to say that is "Familiarity with the CISSP CBK", but as far away from the "Certified" column as possible. Too much of a slippery slope for me. Someone could say "Completed CISSP Examination" when they failed it, and have it glossed over by a dreary eyed recruiter.