Continuing Professional Education (CPE) Opportunities & Requirements by Certifying Body
Six ways you can earn CPEs with Infosec
To maintain your information security certification(s), you must earn a set amount of continuing education credits each year. Depending on what certification(s) you hold, these could be called CPEs, CPUs or even ECEs. It’s important to note credit qualifications, requirements and approval processes vary by certifying body. However, regardless of your certification type, many of these credits can be earned at no cost to you.
Here at Infosec, we provide a variety of opportunities to help you maintain your certifications and keep your skills fresh.
1. Contribute an article to resources.infosecinstitute.com
Resources, the Infosec blog, features thousands of articles written by security pros, for security pros. This popular website boasts over 500k visits each month. By contributing an article of your own, you can earn continuing education credits and gain valuable exposure to other industry professionals.
2. Read an Infosec whitepaper
We frequently author security-related whitepapers covering topics like incident response, security awareness training, security threats and more. Once you’ve read a whitepaper, submit a summary of the paper to your certifying body for credit consideration.
3. Watch an Infosec webinar
Like whitepapers, webinars are a great way to earn continuing education credits. Visit our Resource Library to see our on-demand options. You can submit a request for a certificate of completion here.
4. Mentor others on TechExams.net
Organizations like ISACA award credit for helping others get certified. Our forum, TechExams.net, is home to thousands of other security pros looking for advice on how to achieve certification. Give back to the community and become a TechExams member (it’s free). You can learn more about eligible mentoring activities here.
5. Self study on resources.infosecinstitute.com
Resources, the Infosec blog, is loaded with insightful security articles and tutorials. Topics span multiple domains and specialties to keep you current on all things infosec. This type of activity is typically eligible for continuing education credits, but be sure to check with your certifying body before submitting requests.
6. Acquire additional certifications
Time spent preparing for a new security certification may qualify as continuing education credits for your existing certification(s) — in some cases, it could even automatically renew them. Be prepared to document your time spent studying, as credits are awarded for the amount of time you invest in preparing for the exam, not for earning the actual certification itself.
Continuing Education Credits Requirements by Certifying Body
Cisco: Entry-level, associate-level and professional-level certifications last for three years, and expert-level and specialist certifications last for two years.
- Entry-level, associate-level, professional-level and specialist certifications can only be renewed by passing the relevant recertification exam.
- Expert-level certifications can be renewed by obtaining 100 CPEs from Cisco’s pre-approved continuing education offerings. Renewing your expert-level certification will also renew your lower-level certifications.
- CPE credits are submitted via your Cisco continuing education account.
CompTIA: Certifications last for three years and require varying amounts of CPE credits over the period.
- At least 50 percent of CPE activity content must relate to certification exam objectives.
- You only need to meet the renewal requirements for your highest-level certification:
- A+: 20 CPEs
- Network+: 30 CPEs
- Security+ and Cloud+: 50 CPEs
- CySA+: 60 CPEs
- CompTIA Advanced Security Practitioner: 75 CPEs.
- CPE credits vary by activity and the maximum amount of CPEs you can earn for each activity varies by certification. See the CompTIA website for more information.
- CPE credits are submitted via your CompTIA certification account.
EC-Council: Certifications last for three years and require 120 CPE credits over the period.
- CPE credits vary by activity. For example, authoring an article or whitepaper is worth 20 CPEs, while a presentation is worth three CPEs per hour. See the EC-Council FAQ for the full list.
- CPEs will be applied across multiple certifications, but each certification has its own three-year window.
- CPE credits are submitted via EC-Council’s Aspen Portal.
GIAC®: Certifications last for four years and require 36 CPE hours over the period.
- CPEs can be applied to up to three certifications based on activity. For example, hours spent training training for an ISO-17024 accredited certification can be applied to two GIAC certifications, while other training events can only be applied to one. See the GIAC CPE categories for the full list.
- In lieu of earning 36 CPEs, you can retake the current exam to maintain your certification.
- CPE credits are submitted via your GIAC account.
IACRB: Certifications last for four years and do not require any CPEs. Instead, you must pass the current exam in the final year before your certification expires.
International Association of Privacy Professionals (IAPP): Certifications last for two years and require 20 CPE hours over the period.
- A minimum of 10 hours must be from Group A activities, meaning the activity relates to specific domains covered by the credential, and a maximum of 10 hours from Group B, meaning the activity relates to general professional development activities.
- You must earn Group A credits for each IAPP certificate you hold. For example, if you hold both a CIPP/US and a CIPM, you could maintain both by earning 10 hours of CIPP/US-specific CPEs (Group A), 10 hours of CIPM-specific CPEs (Group A) and 10 hours of general professional development CPEs (Group B).
- CPE credits are submitted via IAPP’s CPE submission form.
ISACA: Certifications last for three years and require 120 CPE hours over the period. You must earn a minimum of 20 CPE hours per calendar year.
- CPE activities must relate to specific domains covered by the credential.
- CPEs can be submitted to multiple ISACA certifications as long as the activity is applicable to each certification.
- CPE credits are reported via ISACA’s “Manage My CPE page” website.
(ISC)2: Certifications last for three years and require varying amounts of CPE credits over the period. However, (ISC)2 suggests earning CPEs each year.
- CPEs are broken into Group A, meaning the activity relates to specific domains covered by the credential, and Group B, meaning the activity relates to general professional development activities.
- CPE credits vary by activity. For example, authoring an article is worth 20 CPEs, while authoring a whitepaper is worth 10 CPEs. See the (ISC)2 CPE Handbook for the full list.
- CISSP requires 120 CPEs (90 in Group A, 30 in Group A or B) over the three-year period. In addition, if you hold any ISSAP, ISSEP or ISSMP concentrations, 20 credits must be directly related to each concentration.
- CSSLP and CCSP require 90 CPEs (60 in Group A, 30 in Group A or B) over the three-year period.
- SSCP, CAP and HCISPP require 60 CPEs (45 in Group A, 15 in Group A or B) over the three-year period.
- Associates require 15 CPEs from Group A each year.
- CPE credits are submitted via your (ISC)2 member home page.
Microsoft: As of September 2016, Microsoft no longer requires you to recertify your MCSE and MCSD certifications. All Microsoft recertification exams are now retired.
PMI: Certifications last for three years and require either 30 or 60 CPE hours depending on the certification.
- CPEs are broken into both education and “giving back” categories, and the education category is further divided into technical, leadership and strategic CPEs. See the PMI CCR Handbook for more information.
- PMP, PgMP, PfMP and PMI-PBA certifications require 60 total CPEs (35 minimum education, 25 maximum “giving back”). In addition, at least eight education CPEs must fall in the technical, leadership and strategic categories.
- PMI-ACP, PMI-RMP and PMI-SP certifications require 30 total CPEs (18 minimum education, 12 maximum “giving back”). In addition, at least four education CPEs must fall in the technical, leadership and strategic categories.
- CPE credits are submitted via the PMI Continuing Certification Requirements System.