Professional development

Continuing Professional Education (CPE) opportunities & requirements by certifying body

Megan Sawle
March 12, 2020 by
Megan Sawle

 

Six ways you can earn CPEs with Infosec

 

To maintain your information security certification(s), you must earn a set amount of continuing education credits each year. Depending on what certification(s) you hold, these could be called CPEs, CPUs or even ECEs. It’s important to note credit qualifications, requirements and approval processes vary by certifying body. However, regardless of your certification type, many of these credits can be earned at no cost to you.

Here at Infosec, we provide a variety of opportunities to help you maintain your certifications and keep your skills fresh.

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

 

1. Contribute an article to resources.infosecinstitute.com

 

Resources, the Infosec blog, features thousands of articles written by security pros, for security pros. This popular website boasts over one million visits each month. By contributing an article of your own, you can earn continuing education credits and gain valuable exposure to other industry professionals. 

 

Submit Article Idea

 

2. Read an Infosec whitepaper

 

We frequently author security-related whitepapers covering topics like incident response, security awareness training, security threats and more. Once you’ve read a whitepaper, submit a summary of the paper to your certifying body for credit consideration.

 

Read a Whitepaper

 

3. Watch an Infosec webinar

 

Like whitepapers, webinars are a great way to earn continuing education credits. Visit our Resource Center to see our on-demand options. You can submit a request for a certificate of completion here.

 

Watch a webinar

 

4. Mentor others on TechExams.net

 

Organizations like ISACA award credit for helping others get certified. Our TechExams forum is home to thousands of other security pros looking for advice on how to achieve certification. Give back to the community and become a TechExams member (it’s free). You can learn more about eligible mentoring activities here.

 

Visit TechExams

 

5. Self study on resources.infosecinstitute.com

 

Resources, the Infosec blog, is loaded with insightful security articles and tutorials. Topics span multiple domains and specialties to keep you current on all things infosec. This type of activity is typically eligible for continuing education credits, but be sure to check with your certifying body before submitting requests.

 

Visit Resources Homepage

 

6. Acquire additional certifications

 

Time spent preparing for a new security certification may qualify as continuing education credits for your existing certification(s) — in some cases, it could even automatically renew them. Be prepared to document your time spent studying, as credits are awarded for the amount of time you invest in preparing for the exam, not for earning the actual certification itself.

 

View All Courses

 

Continuing education credits requirements by certifying body

 

Cisco: Certifications last for three years

    • As of Feb 24, 2020, all Cisco certifications, including CCIE certifications, last for three years from the date the certification was earned

 

 

      • Associate certifications require 30 CE credits
      • Specialist certifications require 40 CE credits
      • Professional certifications require 40-80 CE credits depending recertification path
      • CCIE and CCDE certifications require 40-120 CE credits depending on certification path
    • You can also renew by taking a Cisco exam (see renewal options)

 

    • CE credits are submitted via your Cisco continuing education portal

 

CompTIA: Certifications last for three years

 

    • CEU requirements vary by certification and you only need to meet the renewal requirements for your highest-level certification (see requirements):

 

    • A+ requires 20 CEUs
    • Network+ requires 30 CEUs
    • Security+, Linux+ and Cloud+ require 50 CEUs
    • PenTest+ and CySA+ require 60 CEUs
    • CASP+ requires 75 CEUs
  • You can also renew by performing a single activity, such as earning a higher-level CompTIA certification (see renewal options)
  • CEUs credits are submitted via your CompTIA certification account

EC-Council: Certifications last for three years

  • Every EC-Council certification requires 120 ECE credits
  • CPEs will be applied across multiple certifications, but each certification has its own three-year window
  • You can only renew by earning ECE credits (see requirements in the EC-Council FAQ)
  • CPE credits are submitted via EC-Council’s Aspen Portal

GIAC®: Certifications last for four years

  • Every GIAC certification requires 40 CPEs
  • CPEs can be applied to multiple certifications based on activity; for example, hours spent training training for an ISO-17024 accredited certification can be applied to two GIAC certifications, while other training events can only be applied to one (see requirements)
  • You can also renew by retaking the current exam
  • CPE credits are submitted via your GIAC account

Infosec Institute: Certifications last for four years

  • No CPEs are required
  • You must pass the current exam in the final year before your certification expires

IAPP: Certifications last for two years

  • Every IAPP certification requires 20 CPEs
  • CPEs can be applied to multiple certifications
  • CPE categories (Group A and Group B) have been eliminated to simplify the process (see requirements)
  • CPE credits are submitted via IAPP’s CPE submission form

ISACA: Certifications last for three years

  • Every ISACA certification require 120 CPE hours, with a minimum of 20 CPE hours per calendar year
  • ITCA and CSP-X certifications require 10 of the 20 hour annual hours to "be attained by participating in skills-based training/labs"
  • CPEs can be submitted to multiple ISACA certifications as long as the activity is applicable to each certification (see requirements)
  • CPE credits are reported via ISACA’s “Manage My CPE page” website

(ISC)²: Certifications last for three years 

  • CPE requirements vary by certification:
    • CISSP requires 120 CPEs (90 in Group A, 30 in Group A or B) over the three-year period; in addition, if you hold any ISSAP, ISSEP or ISSMP concentrations, 20 credits must be directly related to each concentration
    • CSSLP and CCSP require 90 CPEs (60 in Group A, 30 in Group A or B) over the three-year period
    • SSCP, CAP and HCISPP require 60 CPEs (45 in Group A, 15 in Group A or B) over the three-year period
    • Associates require 15 CPEs (Group A) per year
  • CPEs are broken into Group A, meaning the activity relates to specific domains covered by the credential, and Group B, meaning the activity relates to general professional development activities (see requirements)
  • CPE credits are submitted via your (ISC)² member home page.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

Microsoft: Certifications last for one year

  • No CPEs required
  • Microsoft fundamentals certifications do not expire
  • Microsoft role-based and specialty certifications can be renewed by passing a free renewal assessment
  • Assessments are taken via Microsoft Learn (see requirements)

PMI: Certifications last for three years 

  • PDU requirements vary by certification:
    • PMP, PgMP, PfMP and PMI-PBA require 60 total PDUs (35 minimum education, 25 maximum “giving back”) and at least eight education PDUs must fall in each of the technical, leadership and strategic categories
    • PMI-ACP, PMI-RMP and PMI-SP require 30 total PDUs (18 minimum education, 12 maximum “giving back”) and at least four education PDUs must fall in each of the technical, leadership and strategic categories
    • CAPM requires 15 total PDUs (9minimum education, 6 maximum “giving back”) and at least two education PDUs must fall in each of the technical, leadership and strategic categories
  • CPEs are broken into both education and “giving back” categories, and the education category is further divided into technical, leadership and strategic CPEs (see requirements)
  • CPE credits are submitted via the PMI Continuing Certification Requirements System
Megan Sawle
Megan Sawle

Megan Sawle is a communications and research professional with 10 years of experience in cybersecurity, bioscience and higher education. Megan leads Infosec’s research strategy, leveraging study findings to mature its cybersecurity education offerings and build awareness of cybersecurity diversity and skill shortage challenges. Since joining the team, she’s directed research projects on a wide variety of cybersecurity topics ranging from dark web marketplaces and phishing kits to the Workforce Framework for Cybersecurity (NICE Framework) and the importance of soft skills in cybersecurity roles. Megan is a University of Wisconsin-Stout graduate, an avid equestrian and (very) amateur mycologist.