CISSP Concern

iVictoriVictor Member Posts: 45 ■■□□□□□□□□
Hello All,

I have been referring to this forum and cccure.org forum for the past 3/4 months now and it's been a lot of useful information & help to me. Thanks.

I have a concern with reference to CISSP.

I have recently completed 4 years of professional experience which I needed to apply for the exam. (1 year waiver applicable)

When registering for the CISSP exam, in the Domain used (drop down) & number of months (input fields), there is no provision of specifying days. The input is taken as number of months only (in whole numbers).

This is an issue because although I have completed 4 years overall, the exp. in each of the organization I have been with is not a whole number, i.e. X months & Y days. So entering this specific information (X months & Y days) is not feasible. And if I do not fill the correct tenure, the overall experience requirement of 4 years is not met for anyone who's taking a quick look at the registration information (although I have elaborated all the details in my CV).

Please suggest how to work this out.

Best Regards.
This is the Right Time

Comments

  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    I don't think people are expected to keep track down to the actual number of days of their experience in each CISSP CBK domain. I certainly couldn't do that, especially since my domain experience isn't contiguous. Lacking this granularity, you'll need to round-down or round-up to the next month as appropriate.

    Also, it's not only the experience you claim on your exam application form, but also what your endorser testifies to be true that is considered by the (ISC)2. The worst case is that you will be a CISSP Associate of the (ISC)2 for a month or two while you complete the required work experience. You can also simply delay taking the exam for that amount of time.

    I suggest that you take the CISSP exam when you feel that you are ready to regardless of your current level of work experience. Collecting work experience is the easy part; taking and passing the exam is the hard bit.
  • iVictoriVictor Member Posts: 45 ■■□□□□□□□□
    Thanks for your response.
    JDMurray wrote: »
    I don't think people are expected to keep track down to the actual number of days of their experience in each CISSP CBK domain. I certainly couldn't do that, especially since my domain experience isn't contiguous. Lacking this granularity, you'll need to round-down or round-up to the next month as appropriate.

    I agree. The way I have collated the information is:

    Company Details, From - To, Total Tenure - X months, Y days
    Designation

    Domains Utilized:
    +Access Control
    +Information Security & Risk Management
    +Operations Security
    +Domain 4
    ...
    ...

    Roles Performed:
    +Role A
    +Role B
    +Role C
    ...
    ...

    I hope this is the correct format of providing information in the CV.
    JDMurray wrote: »
    Also, it's not only the experience you claim on your exam application form, but also what your endorser testifies to be true that is considered by the (ISC)2. The worst case is that you will be a CISSP Associate of the (ISC)2 for a month or two while you complete the required work experience. You can also simply delay taking the exam for that amount of time.

    I understand this. Verification by any endorser / ISC2 about my work experience & roles performed is Ok to me. That's the process and I should be able to confirm it. Also, I was taking into consideration going for Associate of ISC2. But, if the experience requirements are met, I feel I should instead take CISSP. I am preparing for the May 2009 schedule. Hence, I don't want to postpone it. You'll agree once we register for this big exam, there's no looking back and that's how the real mental preparation begins & the fear cease.
    JDMurray wrote: »
    I suggest that you take the CISSP exam when you feel that you are ready to regardless of your current level of work experience. Collecting work experience is the easy part; taking and passing the exam is the hard bit.

    I agree & haven't been thinking of the work experience details until now when I have to register for the exam. I believe I have the required work experience to be eligible. It's just that I am unsure of the presentation & input of the details while registering.

    Is there any way someone could take a look at my CV and suggest any changes required - format / presentation etc. - for submitting the exam registration?

    Best Regards.
    This is the Right Time
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    iVictor wrote: »
    I believe I have the required work experience to be eligible. It's just that I am unsure of the presentation & input of the details while registering.

    Is there any way someone could take a look at my CV and suggest any changes required - format / presentation etc. - for submitting the exam registration?
    You will want to reformat your CV to emphasize your InfoSec work experience, but only if it's not already obvious. Put the relevant items in bold if you like.

    Unless you are undergoing a formal audit, it's assumed that your endorser will be the one examining your CV with a fine-tooth comb and not the registrar at (ISC)2. Have a look at the endorsement form to understand what the endorser's responsibilities are.
  • iVictoriVictor Member Posts: 45 ■■□□□□□□□□
    JDMurray wrote: »
    Unless you are undergoing a formal audit, it's assumed that your endorser will be the one examining your CV with a fine-tooth comb and not the registrar at (ISC)2. Have a look at the endorsement form to understand what the endorser's responsibilities are.

    Is the HR department authorized to endorse the candidate?
    This is the Right Time
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    According to the endorsement form, the endorser must be "a member of the (ISC)2 in good standing." There is no requirement that the endorser must currently hold a specific job title or function. And the endorser should be familiar with your work background or be able to verify it.
  • iVictoriVictor Member Posts: 45 ■■□□□□□□□□
    Ok. It's clear now. Thanks for the timely responses, JD.

    For the preparation, I have been using the following materials:

    1. SH AIO 4th Ed
    2. SH AIO CBT
    3. CCCure.org Quizzer
    4. CISSP Gold Ed. Q&A
    5. Study notes available on cccure.org
    6. Mike Meyers Passport guide

    As I have been watching the forum & cccure forum, I observed that most candidates have used more than 1 resource of study besides SH AIO.

    Could you suggest if I should pitch in with any additional preparation material(s) - book, notes, etc. ? Is it absolutely required by the CISSP exam model?
    This is the Right Time
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    It's almost impossible to give very accurate recommendations for study materials because people have different ways of learning, and vastly different personal InfoSec knowledge and experience. The OIG is a text that's a significant resource for writing CISSP exam items, so I would strongly consider reading it at least once. I've seen exceprts from the Shon Harris CISSP videos and they look and sound very good. And if you feel that you learn a lot from practice exams then they are worth the investment.

    There's nothing required for the CISSP exam; it's just what you find you are learning the most from that you should use.
  • iVictoriVictor Member Posts: 45 ■■□□□□□□□□
    True. Thanks for the inputs, JD.
    This is the Right Time
Sign In or Register to comment.