CISA revoked status

shoaib1974

Dear Fellows:

My CISA designation is revoked due to non compliance with CPE policy. I made a mistake and even though I have earned the CPE, never bothered to report them to ISACA since 2010. I was under a wrong impression that ISACA can temporarily suspend CISA designation and will not revoke it. in fact they forwarded me some emails indicating about the status but I was so occupied with my professional duties that hardly I check my personal emails. lately I found about those emails and when I contacted ISACA, they told me about revocation. Initially ISACA representative told me that I have to retake and re pass the exam but when I explained her and asked about appeal policy, she informed me because I did not submit the CPE for 2012-2016, keeping in view the timeframe, I am required to retake the exam. however, in the same email she told me that I can contact the board along-with letter and CPE earned evidences.

I need some advice how to appeal and what stance should I take so that my CISA designation is restored. any member with CISA revoked status may contribute with his or her experience. I would really appreciate it.

Shoaib

Find more posts tagged with

Comments

coffeeisgood

1st, have you always keep up with your dues? $$$

If no, my guess is your out of luck!
If yes, continue...

& if you actually did all the CPE's, prepare a nice letter with all the information & start an appeal
I would also go and re-read the current CISA application!
that said, going 4 years without summit ANY CPE's might be a tough sell!

as for how to appeal, after writing the letter, including all your supporting 4 years of CPE documentation to

certification at isaca dot org

or print, sign & actually snail mail it! (address on the bottom of the CISA application)
That might be more professional and you MIGHT get a better result!

if you e-mail they will send you an auto-reply they got your message
Keep in mind they are now processing CISA & CISM applications so if you sent it in today your actual real response might take be 2+ months!

Lastly, not to throw salt into this wound but part of being a CISA is that you actually follow this type of stuff (i.e. summit your CPE's!)

Good luck!

EANx

I have multiple certs that require CPEs to keep current. I set reminders both at work and on my phone to trigger at 9 months out, 6 months out, three months out and one month out as reminders. Part of being a professional is keeping up with continuing requirements. Figure out where your weak points are and use technology to overcome them.

beads

I let my CISSP lapse years ago out of indifference and retook the exam, passed and got over my feelings of security shame and self-loathing.

Its a few bucks and some time in the testing center.

- b/eads

coffeeisgood

beads wrote: »

I let my CISSP lapse years ago out of indifference and retook the exam, passed and got over my feelings of security shame and self-loathing.

Its a few bucks and some time in the testing center.

- b/eads

yo beads

whats is

E|CH

lol

shoaib1974

Thanks for your recommendations coffeisgood ... I know I was irresponsible and somewhat careless ... Anyways, lets see what will happen next. What I believe, if CISA has appeal policy and in fact they can reconsider and reinstate the status, I have every chance to be reinstated. Finger crossed

geeemcee

Hi anyone here experienced the same? Were you able to get reinstatement through appeal or you retook the exam? I was preoccupied with professional duties while getting my life back after tragedies and just happened to revisit my email. Appreciate your help!!

JDMurray

Have you actually tried appealing to the certification vendor?

geeemcee

I actually haven’t. Are they strict with the 3-year cycle rule of 120 CPE? I have filed mine for two years but lacks after the 3rd. I completed the 120 during the middle of the 4th year. Would it be possible to have it appealed? What could be the possible way? Thank you very much!

JDMurray

Yes it is possible to have it appealed. The first step is to contact ISACA and explain your situation. Let us know how it goes.

cisaguru

Hello Shoaib - Do let us know if you were able to appeal successfully. This information will be useful to all members and will act as a word of caution.

Nikelo

Hello, has anyone's cerfication been reinstated?
How did you appeal, what stance did you take?

I have this same problem. My CISA and CDPSE are revoked. Please help.

JDMurray

ISACA has a Certification Appeals Committee that answers all those questions. You can find out the official info using this Google search.

How did your certs come to be revoked?

UnixGuy

this year both my CRISC and CISM were revoked because I didn't pay the annual subscription

I won't renew them again, waste of money. Can confirm, the knowledge didn't evaporate from my brain because I didn't pay the annual subscription for ISACA

JDMurray

UnixGuy said:

this year both my CRISC and CISM were revoked because I didn't pay the annual subscription

Does ISACA refer to this situation as "revoked" or just "expired?" I assume revoked means cancelled because of misconduct in accordance to the rules of the cert vendor. I have let most of my certs expire, but have never had one revoked.

UnixGuy

JDMurray said:

UnixGuy said:

this year both my CRISC and CISM were revoked because I didn't pay the annual subscription

Does ISACA refer to this situation as "revoked" or just "expired?" I assume revoked means cancelled because of misconduct in accordance to the rules of the cert vendor. I have let most of my certs expire, but have never had one revoked.

They refer to it as "rovoked", perhaps I should dispute that? I've paid my annual fees for a few years then got sick of it

I have let all my certs expire except the SANS cert. With SANS certs I recieve updated material so its worth it

shochan

I'm done with renewing certs...IMO, it's a cash grab...HRs rarely care or even ask if they are expired. I'll continue to list them on my resume regardless if expired. I mean, does your degree expire? uhhh, no.

UnixGuy

shochan said:

I'm done with renewing certs...IMO, it's a cash grab...HRs rarely care or even ask if they are expired. I'll continue to list them on my resume regardless if expired. I mean, does your degree expire? uhhh, no.

That's what I do and I 100% agree it's a cash grab. I haven't found the "CPE"s to be useful, so the renewal doesn't ensure continuous education.

E Double U

UnixGuy said:

shochan said:

I'm done with renewing certs...IMO, it's a cash grab...HRs rarely care or even ask if they are expired. I'll continue to list them on my resume regardless if expired. I mean, does your degree expire? uhhh, no.

I haven't found the "CPE"s to be useful, so the renewal doesn't ensure continuous education.

Does that mean the resources that you have used for CPEs have not been useful? Or are you simply making the point that requiring CPEs for recertification is not useful?

When it comes to recertification I actually prefer the CPE option over retesting. I usually get most of my CPEs from trainings for other certifications (i.e. SANS) plus internal company trainings. In the tech world it seems leveraging continous learning for maintaining credentials is quite easy honestly. Now when it comes to annual maintenance fees I would definitely let a few certs expire if I could not expense them to my employer.

shochan

I've kept up with CEs in the past. I don't turn in reimbursement for certs to my employer as it becomes a "ball n chain" scenario...What I mean by that is let's say you get a certification, send in the reimbursement to your employer, they approve it, then if you get another job offer, then my employer will require me to pay THEM back since I was leaving the company. SO, I just pay for it myself. As far as CEs they won't even reimburse me for those dues. I'm not really saying CEs are not beneficial either, depends on what the subject matter is or how you are getting it. I used to watch a lot of video content that was extremely boring and most of the time I would not get anything out of it.

UnixGuy

E Double U said:

UnixGuy said:

shochan said:

I'm done with renewing certs...IMO, it's a cash grab...HRs rarely care or even ask if they are expired. I'll continue to list them on my resume regardless if expired. I mean, does your degree expire? uhhh, no.

I haven't found the "CPE"s to be useful, so the renewal doesn't ensure continuous education.

Does that mean the resources that you have used for CPEs have not been useful? Or are you simply making the point that requiring CPEs for recertification is not useful?

When it comes to recertification I actually prefer the CPE option over retesting. I usually get most of my CPEs from trainings for other certifications (i.e. SANS) plus internal company trainings. In the tech world it seems leveraging continous learning for maintaining credentials is quite easy honestly. Now when it comes to annual maintenance fees I would definitely let a few certs expire if I could not expense them to my employer.

The resources I used for CPEs were completely useless, there is nothing for me to learn from attending a vendor webinar or attending an ISACA event. I don't agree with doing things just to tick a box

With SANS, I haven't had to do anything to get CPEs because it happened that I got a chance to attend some SANS trainings (which are all extremely useful, they also sent me the updated course material that I can reference in the future). But getting 10 x CPEs for attending ISACA AGM event (event was a group of accounting voting for the next chapter president, I kid you not) or to listen to individuals with little to no experience in the field didn't set well with me. I also got zero value from renewing my ISACA certs so it was an easy decision

I personally think CPEs is a scam... Once you pass and get a cert that should be it, I don't need to further prove that I'm certified...my uni degree didn't expire, most things that are worthwhile don't expire anyway...

E Double U

UnixGuy said:

E Double U said:

UnixGuy said:

shochan said:

I'm done with renewing certs...IMO, it's a cash grab...HRs rarely care or even ask if they are expired. I'll continue to list them on my resume regardless if expired. I mean, does your degree expire? uhhh, no.

I haven't found the "CPE"s to be useful, so the renewal doesn't ensure continuous education.

Does that mean the resources that you have used for CPEs have not been useful? Or are you simply making the point that requiring CPEs for recertification is not useful?

When it comes to recertification I actually prefer the CPE option over retesting. I usually get most of my CPEs from trainings for other certifications (i.e. SANS) plus internal company trainings. In the tech world it seems leveraging continous learning for maintaining credentials is quite easy honestly. Now when it comes to annual maintenance fees I would definitely let a few certs expire if I could not expense them to my employer.

The resources I used for CPEs were completely useless, there is nothing for me to learn from attending a vendor webinar or attending an ISACA event. I don't agree with doing things just to tick a box

With SANS, I haven't had to do anything to get CPEs because it happened that I got a chance to attend some SANS trainings (which are all extremely useful, they also sent me the updated course material that I can reference in the future). But getting 10 x CPEs for attending ISACA AGM event (event was a group of accounting voting for the next chapter president, I kid you not) or to listen to individuals with little to no experience in the field didn't set well with me. I also got zero value from renewing my ISACA certs so it was an easy decision

I personally think CPEs is a scam... Once you pass and get a cert that should be it, I don't need to further prove that I'm certified...my uni degree didn't expire, most things that are worthwhile don't expire anyway...

Ok I see your point. I got the impression that you were labeling all CPEs as useless simply because you did not get much out of the events/webinars that you have attended. But I do wonder how you selected these activities. I have learned quite a bit going through the ISC2 magazine & quiz, SANS ISC stormcast & NewsBites, and other resources that also gave me CPEs. But if the description of an event didn't seem like it would bring much value then I would just skip it. I wonder if you ended up in useless offerings simply due to a lack of scrutiny on your part before joining.

I would describe annual maintenance fees as a cash grab, but would not go so far as to say that CPEs are a scam because I do not see the fraud aspect. I just figure since I am always continously learning anyways, I like that can get credits for those learnings so it is a double win without additional effort.

For the record, I am not a CPE/maintenance fee advocate simply for the sake of it because if my employer did not pay then I would let them expire.

E Double U

shochan said:

I don't turn in reimbursement for certs to my employer as it becomes a "ball n chain" scenario...What I mean by that is let's say you get a certification, send in the reimbursement to your employer, they approve it, then if you get another job offer, then my employer will require me to pay THEM back since I was leaving the company. SO, I just pay for it myself.

Assuming that you would be moving on to another job for a signicant pay increase, wouldn't those costs you have to pay back to your employer be peanuts in comparison? I have had colleagues make this argument, but they still remained with the same employer well beyond the period that would have required them to pay back those already reimbursed costs upon exit. So then they might as well have let the employer pay since they didn't leave lol. I definitely wouldn't want to pay back the full cost of a SANS training, but a certification or fees would be no problem.

JDMurray

There is also the legality of requiring an employee to pay back training--voluntary or mandatory. Such a deduction from an employee's final paycheck might not be legal in your state. Also, If an employer were to withhold the cost of training, the employee could file a civil lawsuit that would give the company bad press. It would be cheaper for the employer to just eat the training cost and not suffer a PR impact.

So, considering all this, I would first ask, "has anyone actually had to pay back their former employer for anything?" If so, was the payback clause worded as voluntary (on the part of the employee) or mandatory (which might not be legal)?

spiderjericho

UnixGuy said:

shochan said:

I'm done with renewing certs...IMO, it's a cash grab...HRs rarely care or even ask if they are expired. I'll continue to list them on my resume regardless if expired. I mean, does your degree expire? uhhh, no.

That's what I do and I 100% agree it's a cash grab. I haven't found the "CPE"s to be useful, so the renewal doesn't ensure continuous education.

I’m up for renewal. I’m not really interested in attending local chapter events or paid conferences or stuff on their website.

I have CGEIT, CISA, CISM, and CRISC. I also have CISSP. CISSP, imo, checks the same boxes but I’ll see what happens this CPE/fee cycle.

I got way too many certs I’m paying CE fees and submitting CEUs for. I don’t mind keeping my Cisco ones. And maybe paring down to CISSP and grab PMP. And call it a day.