Failed, then 30 days later passed?

124»

Comments

  • WilliamK99WilliamK99 Member Posts: 278
    don1 wrote: »
    Legal Counsel Information (Just in case):

    1) Medical case? Medical distress. You could sue for possible negligence
    2) Did not live up to their by-laws. This could possibly be useful evidence of the organization's duty to its customers (test takers)
    3) Type of lawyers. Contract or civil litigation Attorney

    Hope this would helpicon_cry.gif

    1)How is it negligence? They found a mistake in their grading process, corrected it, and informed everyone involved.

    2) How did they not live up to their by laws? Plus internal by-laws can't really be used in a court of law... They aren't binded by any legal obligation to uphold their own by-laws

    3) Not very many lawyers would take this case, for one ISC2 is a non profit organization so there isn't alot of money they will win from this.

    Stop being a sore loser and spend the time focusing on studying for the re-test.... The effort people are putting in complaining about this travesty of them failing the test, should be spent re-studying the areas you are weak in....

    ISC2 may have made a mistake, but it would be a bigger mistake to give people that failed, the certification just because their feelings were hurt.

    Hell, after I got my failed notice, I bought a 1 month subscription to CBT Nuggets, bought the CISSP Labsim, and bought the ISC2 practice tests, so I spent over 700 dollars on training materials to better prepare me for my re-test... Then I got the notice I passed, so I essentially wasted 700 dollars, but instead of complaining, I am going to use that training anyways to make me a stronger CISSP.
  • SephStormSephStorm Member Posts: 1,731 ■■■■■■■□□□
    frocouch wrote: »
    @colemic, as stated by someone else above... the 8570 is not a new concept. Its been out there for 5+ years. If the 8570 was, as you say, impactful, then I wouldn't have waited until three or so months before the deadline to attempt to pass. Why would one expect a handout?

    I only found out about it in 2009, and it seems as though for some reason it hasn't really been enforced up until now. In this specific situation, these are new employees, who haven't been under 8570 for six months, and yet are being told they have 2 months to certify, or they loose their jobs.

    At my last job, I proposed plans for 8570 compliance and was basicly told that they didnt want to spare the personnel for the free training I found them.

    Its likely with the recent focus on computer security in the private and government sectors has caused this rush.
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    It was more of an 'out of sight, out of mind' mentality, I think. Plus, since it was structured to have yearly goals of 25%, 50%, 75%, and now we are at 100% and they are simply trying to play catch-up. There were no penalties for missing the mark on the other milestones. It's only been in the last year that the 6 here has even been asking us to track it.
    Working on: staying alive and staying employed
  • eplawhorneplawhorn Banned Posts: 9 ■□□□□□□□□□
    Considering, the certification is required for my job and my unit and I together have spent in excess of $7,000 to get me certified. This so call mistake by (ISC)2 is unexcuseable. Why couldn't the error have been discoverered in the first two quality control checks that they made before sending out the pass/fail notifications? Why was the error only found during a thrid quality control check was made? Sounds like due care wasn't take on the part of (ISC)2 to ensure that the exams were properly graded during the first two runs. Then, there's due dilegence I feel that came after everyone at (ISC)2 discovered they'd screwed up big time.icon_cry.gif

    Regardless, if you were on either the pass/fail side (ISC)2 hasn't handled this humanely. I feel like I've been handled as a number only and not as a total individual. (ISC)2 seems to want to look at our endorsements and resumes as if they're looking at the total person, but I've discovered over the past week that I don't believe this is the case.

    I am another one of those individuals who was told they passed on month and told last Wednesday, that I failed. What a big mess!
  • erpadminerpadmin Member Posts: 4,165 ■■■■■■■■■■
    Ok, I'm sorry but this has gotten to the point that this is becoming sad and ridiculous.

    I've read this entire thread and I do sympathize with everyone who has gone through the crap on both sides (failed but passed, passed but failed).

    I have to address those who have failed: mistakes happens. No doubt you've made them. ISC2 made the mistake and from what I read, I feel that they made a very good faith effort to try to rectify it with you guys by allowing you to retake the test, at no cost to you. No doubt this hurts some of you as you needed some time to make arrangements to take the exam by a certain date or else your job is in jeopardy. I can't see any employer not willing to give you an extension though based on the circumstances, which no doubt can be produced. But my issue is with those who are saying "Hey, even though I failed, I should still be a CISSP because you gave me a certificate that said I passed, even though in reality I failed." How messed up is that?! I mean seriously, if you never passed to begin with, what does that say about you? There's nothing wrong with failing an exam...many folks have (myself included), but we pick ourselves up and try again. Yes, this exam seems very trying and difficult, from what I read, but it seems to be doable.

    I don't mean to sound like I'm pontificating, and yes, I'm not a CISSP, but I wouldn't want a certification I did not earn and neither should you. If you have a free means to take the exam again, you should do it and call it a day. But let's not try to say you should be a CISSP because ISC2 messed up. Otherwise, really, what does that say about you?
  • WilliamK99WilliamK99 Member Posts: 278
    eplawhorn wrote: »
    Considering, the certification is rquired for my job and my unit and I together have spent in excess of $7,000 to get me certified. This so call mistake by (ISC)2 is unexcuseable. Why couldn't the error have been discoverered in the first two quality control checks that they made before sending out the pass/fail notifications? Why was the error only found a thrid quality control check was made? Sounds like due care was take on the part of (ISC)2 to ensure that the exams were properly grade during the first two runs. Then, there's due dilegence I feel that came after everyone at (ISC)2 discovered they'd screwed up big time.icon_cry.gif

    Regardless, if you were on either the pass/fail site (ISC)2 hasn't handled this humanely. I feel like I've been handled as a number only and not as a total individual. (ISC)2 seems to want to look at our endorsements and resumes as if they're looking at the total person, but I discovered over the past week that I don't believe this is the case.

    I am another one of those individuals who was told the passed on month and told last Wednesday, that I failed. What a big mess!

    They spent 7000 and you still failed? IMO, you should rethink your study plan and come up with a new plan as opposed to complaining about how badly ISC2 is handling this...
  • vonoventwinvonoventwin Member Posts: 16 ■□□□□□□□□□
    colemic wrote: »
    Absolutely, for those that failed - just look at doughud above - That is EXACTLY why they should give them Associate for one year. btw - assuming JD's theory of what happened is even remotely accurate, there is no way that someone who scored a 200 would be told that they passed - giving them the 25 questions from the unscored ones that (might) have been counted still won't get them close to passing, they wouldn't have been told they passed in the first place. Besides that, even if someone who scored a 200 DID receive Associate status for one year, that is the price ISC2 pays for their mistake. I would assume that they would not do that for those that went fail/fail (failed the initial scoring and failed the 2nd scoring.)

    Vonoventwin stated he would receive his for one year, and still had to retest, no matter what - that's pretty clear guidelines for obtaining the full status.

    No one knows what DoD will do to those who do not have the required certs by 1 Jan - there's a remote chance they could yank everyone's access that doesn't have the right cert. Not likely, but a possibility. There are a LOT of people within DoD (contractors) that are sweating that out, and doughud above is a perfect example of why they should award provisional (associate) CISSPs good for one year.

    No more Associate of CISSP for me anymore. Looks like so many people complained that they stripped it from me. They are requesting I shred my certificate or send it back. I took option 3 and used it to wipe my ass.
  • rosedalerosedale Registered Users Posts: 8 ■□□□□□□□□□
    Free CBK,Free Voucher,Refund, and then 1 year free grocery...
  • cabrillo24cabrillo24 Member Posts: 137
    colemic wrote: »
    As they should. I have not criticized ISC's response to this in any way. You are getting seriously bent out of shape because you don't like my opinion... but it's still my opinion. Now, after reading the blog, I am happy with what they are doing. I only offered up my opinion on a solution that someone said ISC2 was going to offer those affected. They found a way to assist those that were affected, and that's great. Hugs all around. icon_cheers.gif






    Actually, I still think I am correct. Passing the CISSP examination does not mean that you will not lose your company money, or prevent information getting leaked that results in lost lives in Afghanistan. Having that piece of paper doesn't even mean you know what are you are doing, from a technical perspective, or even a managerial. It means you have an understanding of security fundamentals across a wide spectrum of domains. It doesn't mean you are suddenly competent in your field, and you aren't competent if you don't have it. Using your example of DoD - the vast, vast vast majority of information leaks are in no way caused by someone who couldn't pass the CISSP exam - anyone in DoD will tell you that end users are, at a minimum, responsible 97% of the time for spillages, CMI's, and Wikileaks headlines.



    As I stated above, it is possible to not technically fall under 8570. We had to have a contract change from NISPOM to DIACAP less than 12 months ago, and prior to that, had ZERO obligation to follow Army BBPs, 8570, 25-series, etc. And I know we are not the last people in DoD using NISPOM.



    I think he meant that it is advisable to contact ISC2 to get the correct information, instead of relying of word-of-mouth and second-hand information here.

    DoD 8570 applies to all DoD civilian and DoD contractors working within the realm of IA/IT.
    Next Up...
    CCNA: Security (210-260)
    Date: TBD
  • cabrillo24cabrillo24 Member Posts: 137
    WilliamK99 wrote: »
    They spent 7000 and you still failed? IMO, you should rethink your study plan and come up with a new plan as opposed to complaining about how badly ISC2 is handling this...

    Everyone has a right to their own opinion and not everyone passes on their first and sometimes even second attempt. We shouldn't place judgement. He's venting, allow him to. I'd be upset as well, not because I failed, but because of this error.
    Next Up...
    CCNA: Security (210-260)
    Date: TBD
  • blittrellblittrell Member Posts: 11 ■□□□□□□□□□
    So I have replied to a few of these posts about what happened to me, I failed and then passed. When I failed I was ok with it, then I kept thinking "How did I fail". I mean I came out of there pretty confident but took it for what it was, besides the embarrassment I felt for studying for 6 months and taking the last week before the test off for vacation so I could study 10 hours a day for the test and still I failed it. I moved on, I am going to attend WGU and thought I would come back to it if I wanted to in a year or two.

    Then I got the passed email and I was happy, I wasn't to ecstatic because I thought I already failed but at least I knew I was not going crazy by walking out of the test thinking I did good.

    Now that being said, I agree with most of the posters that ISC2 did the right thing, it wasn't the popular thing, it wasn't the easy thing but it was the right thing. I think ISC2 could be a little more sensitive to what this has caused to people, my email to ISC2 seems to get responses the next day(not right away) and they are cold and concise as to answers. For example, I am going to attend WGU, I held off on submitting transcripts and Certifications until I got my ISC2 results so I could count them. So when I got the failed I submitted all my other stuff. Now that I passed I emailed them and said I have the endorsement paperwork ready to go with a CISSP in good standing, due to the whole mix up could I get this paperwork expedited so I can submit it for credit to WGU before that window closes. All I got back was an email saying that if it was endorsed I will hear back in 3 weeks, if it was not and I submitted the non-endorsed paperwork it would be 6 weeks. There was no "sorry we can't do that" or "It takes the full 3 weeks to verify stuff" or any other explanation just the cold hard facts of 3 weeks for endorsed and 6 for non-endorsed.

    My point is this is a big s**t sandwich and everyone has to take a bite but maybe ISC2 could be a little more flexible in certain situations. I liked the idea of holding extra test dates for those that need the certification now. Yes people who failed actually failed and they do not deserve the certification because ISC2 messed up but it seems that the 3 or so weeks it took for them to find the problem and get true results out could justify holding special test dates to help those that thought they were good so they did not immediately schedule a new exam. If the case can be made that those that failed could have gotten into another test before their deadline I think ISC2 should meet them halfway and do a special session for them.
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    cabrillo24 wrote: »
    DoD 8570 applies to all DoD civilian and DoD contractors working within the realm of IA/IT.


    It applies IF their contract calls for it - as I stated above, there is/was an unintentional loophole created with NISPOM accreditation that does NOT mandate contractually that 8570 or almost any other reg be followed. Is it the right thing to do(following the reg)? Of course. But most contracts aren't worried about doing the right thing, they are looking at dollar signs, and if they don't HAVE to follow the rules = they won't. If you have DIACAP, then it is mandated in the accreditation that you follow those regs.

    We contractually went to DIACAP accreditation about a year ago, and have only since then been obligated to 8570... meaning we are nowhere near being 100%.

    It's the same concept as buckshot yankee, it was a directive and they had to add funds to the contracts to support those efforts.
    Working on: staying alive and staying employed
  • eplawhorneplawhorn Banned Posts: 9 ■□□□□□□□□□
    Currently, I don't care much for about 99% of to one individual's replies to the postings on this subject. Further, their answers remind me of some of the verbal and email replies I've gotten from (ISC)2 personnel. They might want to restudy your CISSP material a lot more before they pass judgement on me or anyone else. Plus, I forgotten more stuff over my lifetime than they probably will every know or experience. My study plan is probably better than a lot of folks.
  • eplawhorneplawhorn Banned Posts: 9 ■□□□□□□□□□
    Are you really sure they've gotten all of the bugs worked out? How can any of us who either failed and then passed or passed and then failed really know for sure? There are to to many unanswered questions and issues left open.
  • cabrillo24cabrillo24 Member Posts: 137
    colemic wrote: »
    It applies IF their contract calls for it - as I stated above, there is/was an unintentional loophole created with NISPOM accreditation that does NOT mandate contractually that 8570 or almost any other reg be followed. Is it the right thing to do(following the reg)? Of course. But most contracts aren't worried about doing the right thing, they are looking at dollar signs, and if they don't HAVE to follow the rules = they won't. If you have DIACAP, then it is mandated in the accreditation that you follow those regs.

    We contractually went to DIACAP accreditation about a year ago, and have only since then been obligated to 8570... meaning we are nowhere near being 100%.

    It's the same concept as buckshot yankee, it was a directive and they had to add funds to the contracts to support those efforts.

    I understand that contractually this may not have been stated in your statement of work; however, DoD 8570 applies to all people working for any DoD component

    Excerpt from DoD 8570:

    "This Manual applies to the Office of the Secretary of Defense (OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense, the Defense Agencies, the DoD Field Activities, and all other organizational entities in the Department of Defense (hereafter referred to collectively as the “DoD Components”).

    This Manual is effective immediately and is mandatory for use by all the DoD Components."

    C2.1.5. The certification requirements of this Manual apply to DoD civilian employees, military personnel, LNs, and support contractors performing the IA functions below and described in detail in Chapters 3, 4, 5, 10 and 11.
    Next Up...
    CCNA: Security (210-260)
    Date: TBD
  • cabrillo24cabrillo24 Member Posts: 137
    eplawhorn wrote: »
    WilliamK99, I don't care much for about 99% of your replies to the postings on this subject. Further, your answers remind me of some of the verbal and email replies I've gotten from (ISC)2 personnel. You might want to restudy your CISSP material and lot more before you pass judgement on me or anyone else. Plus, I forgotten more stuff over my lifetime than you probably will every know or experience.

    People may agree to disagree, but this forum is a community to help each other, share experiences, and discuss industry certifications, so lets just remain respectful; otherwise, threads such as these ends up being locked up do to all the hostility. Not saying you're creating it, but please be mindful.
    Next Up...
    CCNA: Security (210-260)
    Date: TBD
  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    I agree with ^^^^
    Plus I've seen 2 different people who were expressing hostility here have little red dots appear which means that some people have been neg repping them. It's probably a good idea for people who need to retake the test to just get back to studying and let it go. If ISC2 initially said you passed and then said you failed you must be close...hit the books and get it done.
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    Or if you really need a DOD cert by the end of the year, do the Sec+.
  • msteinhilbermsteinhilber Member Posts: 1,480 ■■■■■■■■□□
    eplawhorn wrote: »
    Currently, I don't care much for about 99% of to one individual's replies to the postings on this subject. Further, their answers remind me of some of the verbal and email replies I've gotten from (ISC)2 personnel. They might want to restudy your CISSP material a lot more before they pass judgement on me or anyone else. Plus, I forgotten more stuff over my lifetime than they probably will every know or experience. My study plan is probably better than a lot of folks.

    I get it, the whole situation is a pretty bum deal for all involved, even including (ISC)². Perhaps the comment you are referencing prior to you edited your post may have been a bit blunt, but it contains a bit of truth to it. I don't at all mean it as a slam against your experience, knowledge, or capabilities and I haven't ever sat an exam of this caliber. But I know that if I prepared rigorously on my own (which I'm assuming you more than likely did) in addition to some pretty hefty training materials and course(s) from that $7000 and walked away without a pass then I would seriously be looking for some answers as to where I went wrong so I could focus on moving forward and getting it knocked out in round 2.

    Frankly, and this isn't directed at you specifically, I've seen a lot of posters both on this thread as well as elsewhere on the Internet who have a pretty solid belief that (ISC)² essentially owes them the certification. That's certainly an easy belief to hold after having thought you earned it, only to find out you did not after all - but it's not the right belief regardless of how (ISC)² might have goofed this one up. I would never expect, even after these events, to be granted with a "sorry, our bad but here's your pass anyways" or even an associate for a year on such a high caliber certification. That would be incredibly silly on my behalf if I did so, why would I want to help devalue that which I worked so hard to achieve (and apparently not hard enough) because I was so happy I thought I passed and I don't want to give that up?

    I think the final outcome is perfectly acceptable, and I would ultimately feel the same way if I were in any of your shoes too. I wouldn't at all be happy about it, but I would stick my ego aside - especially in threads like this given the circumstances revolving around my actual exam results. I'd have to choose if I desire to place my effort back into studying harder for the CISSP or direct it towards another career goal - trying to get into an angry discussion about how po'ed I still am would be counterproductive to both of those goals.
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    I get it, the whole situation is a pretty bum deal for all involved, even including (ISC)². Perhaps the comment you are referencing prior to you edited your post may have been a bit blunt, but it contains a bit of truth to it. I don't at all mean it as a slam against your experience, knowledge, or capabilities and I haven't ever sat an exam of this caliber. But I know that if I prepared rigorously on my own (which I'm assuming you more than likely did) in addition to some pretty hefty training materials and course(s) from that $7000 and walked away without a pass then I would seriously be looking for some answers as to where I went wrong so I could focus on moving forward and getting it knocked out in round 2.

    Frankly, and this isn't directed at you specifically, I've seen a lot of posters both on this thread as well as elsewhere on the Internet who have a pretty solid belief that (ISC)² essentially owes them the certification. That's certainly an easy belief to hold after having thought you earned it, only to find out you did not after all - but it's not the right belief regardless of how (ISC)² might have goofed this one up. I would never expect, even after these events, to be granted with a "sorry, our bad but here's your pass anyways" or even an associate for a year on such a high caliber certification. That would be incredibly silly on my behalf if I did so, why would I want to help devalue that which I worked so hard to achieve (and apparently not hard enough) because I was so happy I thought I passed and I don't want to give that up?

    I think the final outcome is perfectly acceptable, and I would ultimately feel the same way if I were in any of your shoes too. I wouldn't at all be happy about it, but I would stick my ego aside - especially in threads like this given the circumstances revolving around my actual exam results. I'd have to choose if I desire to place my effort back into studying harder for the CISSP or direct it towards another career goal - trying to get into an angry discussion about how po'ed I still am would be counterproductive to both of those goals.


    I agree, excepting that I was cool with the associate for a year, until I saw how much else they were doing to assist those affected. The steps they have taken are a much better solution.
    Working on: staying alive and staying employed
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    cabrillo24 wrote: »
    I understand that contractually this may not have been stated in your statement of work; however, DoD 8570 applies to all people working for any DoD component

    Excerpt from DoD 8570:

    "This Manual applies to the Office of the Secretary of Defense (OSD), the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense, the Defense Agencies, the DoD Field Activities, and all other organizational entities in the Department of Defense (hereafter referred to collectively as the “DoD Components”).

    This Manual is effective immediately and is mandatory for use by all the DoD Components."

    C2.1.5. The certification requirements of this Manual apply to DoD civilian employees, military personnel, LNs, and support contractors performing the IA functions below and described in detail in Chapters 3, 4, 5, 10 and 11.


    I think we are arguing semantics here... I do realize that we were a unique situation. It kind of depends on where you sit the fence; if you're a contractor, all the over-arching regs in the world will not matter if not contractually required, but if you are DoD civ/gov, then you may not necessarily interpret the situation that way. regardless, it's cool; I was just pointing out that there has been an issue (at least here) on where we stood and our obligations.
    Working on: staying alive and staying employed
  • don1don1 Registered Users Posts: 3 ■□□□□□□□□□
    colemic wrote: »
    I agree, excepting that I was cool with the associate for a year, until I saw how much else they were doing to assist those affected. The steps they have taken are a much better solution.


    I check with ISC2 yesterday, there is no such thing as 1-year Associate CISSP. What is the latest on this?
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    A user here reported that ISC2 was going to give those that were affected a one-year certification to assist with complications arising out of not being notified that they did not pass in a timely manner.
    Working on: staying alive and staying employed
  • rosedalerosedale Registered Users Posts: 8 ■□□□□□□□□□
    WilliamK99 wrote: »
    They spent 7000 and you still failed? IMO, you should rethink your study plan and come up with a new plan as opposed to complaining about how badly ISC2 is handling this...

    Oh!! you got a wonderful study plan then!!!
  • WilliamK99WilliamK99 Member Posts: 278
    rosedale wrote: »
    Oh!! you got a wonderful study plan then!!!

    It worked for me, I used my own funds and spent 1000 on training materials and passed.

    Of course at first, I thought I failed so I spent additional money, but I am going to go ahead and study it anyways, because it won't hurt me at all.

    Let me know if you need any assistance.
  • cabrillo24cabrillo24 Member Posts: 137
    Or if you really need a DOD cert by the end of the year, do the Sec+.

    Depends on the level required by the agency. Security+ only satisfies IAM Level I and is the baseline for IAT level I and II....for IAT personnel, they also have to have a corresponding O/S certification as well.
    Next Up...
    CCNA: Security (210-260)
    Date: TBD
  • SysEngSysEng Registered Users Posts: 1 ■□□□□□□□□□
    Received my fail notice a little over 5 weeks after the exam. Just about the same score as yours. Then on November 16, I got the exact message you did, telling me that I passed.

    My interpretation is that they used the wrong scoring key for the exam we took, found out that they goofed up, and then re-graded the test using the correct key.

    Unfortunately, enough time had passed that I could no longer return the $400 of study materials I had bought for a re-take. So I'm out $400 because of their error. My employer will reimburse the cost of the ISC2 exam, but they say that I need to take the rest up with ISC2.

    But the good news is that I passed.
  • cabrillo24cabrillo24 Member Posts: 137
    SysEng wrote: »
    Received my fail notice a little over 5 weeks after the exam. Just about the same score as yours. Then on November 16, I got the exact message you did, telling me that I passed.

    My interpretation is that they used the wrong scoring key for the exam we took, found out that they goofed up, and then re-graded the test using the correct key.

    Unfortunately, enough time had passed that I could no longer return the $400 of study materials I had bought for a re-take. So I'm out $400 because of their error. My employer will reimburse the cost of the ISC2 exam, but they say that I need to take the rest up with ISC2.

    But the good news is that I passed.

    Depending on the material, perhaps you can sell it on eBay on recoup some of the costs.
    Next Up...
    CCNA: Security (210-260)
    Date: TBD
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    With regard to the (ISC)2 Erroneous Pass/Fail Notifications incident, please refer to this thread: (ISC)2 Erroneous Pass/Fail Notifications
This discussion has been closed.