CDPSE - new privacy cert from ISACA

Got an email from ISACA about new cert CDPSE (Certified Data Privacy Solutions Engineer). Good to see they are coming up with a cert for privacy realm. No detailed information is available about the contents but maybe worth following for some professionals. Interesting to see how they will compete with CIPP. It seems they will grand-father the cert for a limited period of time.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

unknown

This content has been removed.

AverageJoe

In what field? Privacy? I have no idea.

But I think you can become a certified notary public or a certified teacher without exams, per se, depending on where you are and on what the certifying body has established as criteria. A quick google tells me you can even be a certified advanced electrician or a certified physician's assistant (PA) without an exam with the right experience.

unknown

This content has been removed.

H-bomb

cyber_security said:

AverageJoe said:
To me it sounds like you're just stuck on "no exam" and can't get past that, and that's okay. Based on your concerns, it sounds like you just plain don't seen legitimacy in any non-exam based certifications. That's fine. Only time will tell if it has value for others.

I am not even aware of any non-exam based certifications apart from this one? What other ones are they?

This concept isn’t new. ISACA did the same thing with the CRISC. Additionally, (ISC)2 allowed individuals to be grandfathered in to the CISSP concentrations when they first came out.

csjohnng

@cyber_security
I think your whole point is you think CDPSE early adopters are "buying" (because no exam is required) certificate CDPSE, only "verification" process is required which is very close to "buying" and you seem to be very bother by this early adoption or grandfathering because you think this will undermine the value of this certificate or why should I go for something I (or anyone) can just payoff the certficate.

Again yes and no (depending on how you view this) and in time it will tell if this certificate is crab or has a lot of value. Today I google I still can see historical post (10 years ago) from someone saying I don't like CRISC because of grandfathering and he though grandfathering itself is incorrect.

With all the above comments, I further google a bit, I realise ISACA offer grandfather program for CRISC and CGEIT, ISC2 offer for CISSP concentration. I am a holder of CRISC, CGEIT and 2 CISSP concentrations (and I am planning to go for the 3rd concentration this year or next), all are not via grandfathering, I applied for those exam and I don't even know (or bother to check if there is grandfathering) I took and pass the exam fair and square.
With knowing the grandfathering, if you ask me again, I will still pursue for such certification (even you view someone can just "pay"/"buy" for the certification without exam).

AverageJoe

cyber_security said:

So no privacy which is what this thread is based on? Or pretty much any area that this forum covers?

I wonder why they is? Actually no I don't its pretty obvious why they wouldn't just sell a cert to anyone that paid and said they had experience.

Well, I actually looked at this thread as being about a new cert offered by ISACA, not about privacy. I don't think there are any privacy specific forums on this board... the URL is infosecinstitute.com and the title of the board is TechExams by INFOSEC. As you've pointed out, privacy isn't the same as info sec. I'm not saying privacy shouldn't be discussed here. I think, as I've said, privacy and info security overlap so it makes sense to me that they're discussed together, but if they're as different as you seem to suggest then maybe this isn't the place to discuss it.

I see you leveling some accusations that ISACA is simply selling the cert, but what evidence do you have? ISACA clearly says you have to have experience. Has someone without privacy experience been granted the cert?

I get that the burden of proof for experience does not appear to be very high. I mentioned something to that affect earlier in the thread. I think that means unethical applicants could probably get away with falsifying their application... but there will always be unscrupulous people willing to **** in any system.  So if you're saying people can **** the system, I tend to agree. But people can **** any system.

Some of us see value in this cert. Some of us aren't sure, but we're willing to see where it goes. Obviously others think differently and see no value, like you. Your mind is made up that this cert is not of use to you, and I still say that's fine, but you basically just keep repeating the same thing so I don't see how continuing this conversation is of any value to anyone.

unknown

This content has been removed.

unknown

This content has been removed.

csjohnng

cyber_security said:

csjohnng said:

@cyber_security
I think your whole point is you think CDPSE early adopters are "buying" (because no exam is required) certificate CDPSE, only "verification" process is required which is very close to "buying" and you seem to be very bother by this early adoption or grandfathering because you think this will undermine the value of this certificate or why should I go for something I (or anyone) can just payoff the certficate.

Again yes and no (depending on how you view this) and in time it will tell if this certificate is crab or has a lot of value. Today I google I still can see historical post (10 years ago) from someone saying I don't like CRISC because of grandfathering and he though grandfathering itself is incorrect.

With all the above comments, I further google a bit, I realise ISACA offer grandfather program for CRISC and CGEIT, ISC2 offer for CISSP concentration. I am a holder of CRISC, CGEIT and 2 CISSP concentrations (and I am planning to go for the 3rd concentration this year or next), all are not via grandfathering, I applied for those exam and I don't even know (or bother to check if there is grandfathering) I took and pass the exam fair and square.
With knowing the grandfathering, if you ask me again, I will still pursue for such certification (even you view someone can just "pay"/"buy" for the certification without exam).

For me it is not about the value it is the buying bit. I think the cert could have value once it has a good exam and they don let any average Joe just buy the cert.

However, that is also the problem in 5 years time it could be seen as a good respected cert like CISSP and CISM and jobs could start asking for it and people will be making posts on this forum going I worked hard for 6 months to pass the exam and gain CDPSE but mixed in with all the hardworking, tested privacy experts will be a small group who paid to be their with them and that smells a little stinky to me.

Ok. Understand where you are coming from.

To be or not to be, that's a personal choice, there is no right or wrong.
To invest in a new cert as well, you need to think about the value (or future value) of course.

Let me take CISSP as an example.
But to be honest, there are times where I see people with little (or no) security knowledge obtain CISSP (you can call they have luck, good examination skill -not security knowledge....whatever), if this population increases, this will definitely undermine the value of the certificate. I see non-security people have CISSP, but in 3 year, they will end up giving up their CISSP either it's lack of CPE or they don't want to pay for the cert/AMF. It's not uncommon. And what is left over are actually the people who are the real security professional, keeping update themselves and sharpening their skills with 120 CPE, paying the AMF annually, I have earned closed to 300 CPE towards the end of my certification cycle )
There are alway 2 sides, no matter how good is the certification bodies and at the end, it is how good is the certification reflecting the "truth" on the skillset they are accessing.

We can always have very knowledgable people in the field who does not have the certification (but maybe only 5-10% of this people under this situation), because (or assuming) most people has the knowledge will go for certification process. We may always have certified people who does not really have the quality to bear the certification (assuming only a very small / tiny population of those being certified and hopefully this is also less than 5% and if this % increase to 30% or 50%, then this certification means nothing). (IMO) this is a fact / reality of any good maintain certification.

I am not convincing you to take or not. For your last statement, if it's what you believe in and cannot accept, I respect that, that's fine as well, we are not living in a perfect world.

AverageJoe

cyber_security said:haha so when you were talking about non-exam based exams, because we were discussing ISACA and the URL of the forum it meant we were not talking about privacy or security and so it made sense to include electricians and physician's

Thank you Joe for proving to allow anyone to buy a cert is not a good idea.

I don't know why you want to be like that. You started this part of the conversation by asking if you were understanding correctly what ISACA was doing and comparing it with brain dumping, which has a very negative connotation on this board, so it seems like you want to incite argument.

You made it clear that you think privacy is outside of info sec and that info sec expertise does not equal privacy expertise, so I don't know why you're aggravated that I gave other examples of certs outside of info sec. I never said there was a load of non-exam certs or that they were better or worse. I said you're stuck on it being a non-exam cert and that you're not even giving any consideration to the experience requirement. It's also been stressed that this cert is only a non-exam cert in the short term because ISACA already said they're adding an exam, so even ISACA agrees that it should be an exam cert. No one suggested certs shouldn't have exams, and since the name of this board is techEXAMS most of us are obviously expecting exams to be part of the cert process.

Anyway, I gave what I thought were thoughtful responses that included explanations and examples because you used the guise of wanting to understand. In truth, you don't seem to want to understand anything beyond what you've already decided. Proof, however, of anything, this conversation is not. We all have our opinions and you're certainly welcome to have yours. I respect that, and I don't care if you agree or disagree with me, no skin off my nose.

AverageJoe

cyber_security said:F

or me it is not about the value it is the buying bit. I think the cert could have value once it has a good exam and they don let any average Joe just buy the cert.

Further evidence that you want to incite argument... seems very much to me like you just want to bait and troll and not actually discuss or learn.

cyberguypr

I learned two things in this thread:

Grandfathering is a standard practice with new certs
We are going in circles

On to better threads.

Ashenwelt

Funny note, the top credential in Privacy is a non-exam credential, Fellow of Information Privacy (FIP) by IAPP.

PJ_Sneakers

I just got the email about this last week from ISACA. I'm surprised to see this is the only CDPSE thread on here (and it goes back 6 months). I guess I am in a different phase of the early adoption period. Paid the fees today. Will get the paperwork submitted tomorrow. Waived 2 years for the CISM.

Big-JJ

CDPSE Beta exam is open for January 2021 now. I was thinking maybe I will just buy a review material for learning purpose. I looked into the price of electronic copy and it is same the physical book! ($105). What the hell ISACA...same price.

If you register for the beta exam, the material is free. For anyone who registered and got the material, how is the study material? Is there a lot of useful information to learn?

JDMurray

CDPSE Beta Test
Member Fee US$575
Non-Member Fee US$760

Definitely not CompTIA's beta exam pricing.

UnixGuy

JDMurray said:

CDPSE Beta Test
Member Fee US$575
Non-Member Fee US$760

Definitely not CompTIA's beta exam pricing.

This why I dislike ISACA...there will also be additional fees: a fee to verify your experience, and an annual 'maintenance' fee for the cert...and annual isaca membership fee. It's a money grab and I'm not happy with it.

csjohnng

UnixGuy said:

JDMurray said:

CDPSE Beta Test
Member Fee US$575
Non-Member Fee US$760

Definitely not CompTIA's beta exam pricing.

This why I dislike ISACA...there will also be additional fees: a fee to verify your experience, and an annual 'maintenance' fee for the cert...and annual isaca membership fee. It's a money grab and I'm not happy with it.

Can't agree more on this point. My new ISACA invoice attach which I am (will be) paying $355 (I have already some discount from having 1 new member referral/recruitment) and with ISC2 I am only paying an AMF of 125 regardless of how many ISC2 certification I've hold (CISSP, CCSP...etc) , this is a complete rip off from ISACA.
When I fill-in the ISACA survey I told them they need to step up and giving more value to member for the money they are paying to ISACA otherwise they will lose member for sure

=================

Membership Professional Member Active through 31 December 2020

Membership Balance Due $ 135.00

China Hong Kong Chapter Balance Due $ 55.00

Certification

CISA Active through 31 December 2020

CISA Balance Due $ 25.00

CISM Active through 31 December 2020

CISM Balance Due $ 25.00

CGEIT Active through 31 December 2020

CGEIT Balance Due $ 45.00

CRISC

Active through 31 December 2020

CRISC Balance Due $ 25.00

CDPSE Active through 31 December 2020

CDPSE Balance Due $ 45.00

Total Balance Due

$ 355.00
==============

XiP

csjohnng said:

UnixGuy said:

JDMurray said:

CDPSE Beta Test
Member Fee US$575
Non-Member Fee US$760

Definitely not CompTIA's beta exam pricing.

This why I dislike ISACA...there will also be additional fees: a fee to verify your experience, and an annual 'maintenance' fee for the cert...and annual isaca membership fee. It's a money grab and I'm not happy with it.

Can't agree more on this point. My new ISACA invoice attach which I am (will be) paying $355 (I have already some discount from having 1 new member referral/recruitment) and with ISC2 I am only paying an AMF of 125 regardless of how many ISC2 certification I've hold (CISSP, CCSP...etc) , this is a complete rip off from ISACA.
When I fill-in the ISACA survey I told them they need to step up and giving more value to member for the money they are paying to ISACA otherwise they will lose member for sure

=================
Membership Professional Member Active through 31 December 2020
Membership Balance Due $ 135.00
China Hong Kong Chapter Balance Due $ 55.00

Certification
CISA Active through 31 December 2020
CISA Balance Due $ 25.00

CISM Active through 31 December 2020
CISM Balance Due $ 25.00

CGEIT Active through 31 December 2020
CGEIT Balance Due $ 45.00

CRISC
Active through 31 December 2020
CRISC Balance Due $ 25.00

CDPSE Active through 31 December 2020
CDPSE Balance Due $ 45.00

Total Balance Due
$ 355.00
==============

My ISACA invoice looks very similar. Wish they just had a one time AMF regardless of how many certs you have from them.

JDMurray

The one-charge-fits-all AMF at (ISC)2 is relatively new. Give ISACA time and they may see a profit in doing the same.

Aharrell

I was wondering why csjohnng's was more than mine - but he is also getting hit with his local Chapter fee ($55.00). I complained in the most recent survey also. $300.00 each year to maintain them compared to $125.00 to cover multiple certs at (ISC)2 is nuts.

anthonx

Anyone here purchased the CDPSE review manual? Is it a good reference material for work?

Big-JJ

Has anyone taken the CDPSE exam? Care to share the experience? I've been thinking about it.