+ Reply to Thread
Results 1 to 7 of 7
  1. Junior Member
    Join Date
    Oct 2017
    Posts
    10
    #1

    Question CISM experience verification

    This topic has been discussed in this forum from several different angles but none could answer my specific circumstance. Hoping someone dealt with this issue in the past.
    I am studying for CISM exam and looking optimistically down the road at the certification application.

    My situation is that I am no longer with my former employer where I had accumulated 6 years of InfoSec experience across the CISM job practice areas. Further, due to major re-orgs, layoffs, and voluntary separations there is no one currently employed there who can verify more than 2 years of this experience.

    Here is my question
    My direct supervisor for 5 of those experience years retired not long ago.
    Can I use this person as my verifier on the certification application?
    This person is no longer employed by my former company where I gained this experience but I reported to him for the 5 years in question.

    thank you in advance,
    Reply With Quote Quote  

  2. SS -->
  3. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,600
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #2
    The only official answers to your questions can come from ISACA itself. I would encourage you to contact ISACA using the information provided by the link below and post the reply here.

    How to Become CISM Certified

    Certified Information Security Manager - IT Certification - CISM | ISACA
    Last edited by JDMurray; 10-10-2017 at 03:55 PM.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Oct 2017
    Posts
    25
    #3
    Wow - Just the thread I needed to start but OP beat me to it so I will post my questions here instead of starting another thread about it.
    Hi Guys and Gals
    I worked for same company in Technical Support / Security co-ordinator/ Technical Analyst for 12 years. During this time I did lot of physical and information security work, managed Information systems, planned BCP, did disaster recovery tests, Was involved in creating Security Governance policy and implementing it, audited users and information systems for compliance, Was the SME for educating users about cyber policy, isolated malware, analyzed SIEM logs and configured firewalls and IPS devices but I think I made one big mistake - i never bothered about insisting on changing job title so it always remained technical support analyst. I definately have the requisite management experience.
    I got laid off about 6 months due to restructing. I want to take CISM exam but have pretty much smiliar questions as OP mentioned in this thread.
    1. Can somone else, who is a CISM himself (in good standing, with knowledge of my work but not from same organization) vouch for my experience? I don't want to contact my ex manager(s) or anyone in that organization now.
    2. If not, can I take the test, qualify and get a chance to fullfill requirements within 5 years?
    3. Is it possible for me to qualify the test and submit the verification form directly to Isaca in which case they can contact employer directly?
    4. Any other suggestions for me in this situation? I am close to scheduling exam but this verification system is discouraging to say the least.
    Thank you, in advance for any suggestions and for your time.
    Reply With Quote Quote  

  5. Junior Member
    Join Date
    Oct 2017
    Posts
    10
    #4

    Default Thanks -

    Quote Originally Posted by JDMurray View Post
    The only official answers to your questions can come from ISACA itself. I would encourage you to contact ISACA using the information provided by the link below and post the reply here.

    How to Become CISM Certified

    Certified Information Security Manager - IT Certification - CISM | ISACA
    Thanks for the guidance. I have sent several messages to ISACA asking about this with no reply.
    Hoping someone out there has been through this. This must be a common issue. I contacted my former employer to discuss and HR said that even if someone was there to verify they can not because company policy limits them to confirming title, salary, and employment dates.
    Thanks again!
    Reply With Quote Quote  

  6. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,600
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #5
    Rather than asking the business and getting their lawyer's boilerplate answer, ask the person directly for an endorsement. There is no legal commitment made or implied when endorsing someone for a cert from ISACA or (ISC)2.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Oct 2017
    Posts
    10
    #6

    Default ISACA response

    I got a response from ISACA on this question.

    "Yes, you former supervisor can attest to your work experience. On the verification form, he would list his current employment details then list the name of the company for which he is verifying your work experience in the box above question # 1 on page V-1."

    This is good news for me. I hope this information helps others but agree with the advice below to ask ISACA about your specific circumstances to be sure.


    Quote Originally Posted by ay092017 View Post
    This topic has been discussed in this forum from several different angles but none could answer my specific circumstance. Hoping someone dealt with this issue in the past.
    I am studying for CISM exam and looking optimistically down the road at the certification application.

    My situation is that I am no longer with my former employer where I had accumulated 6 years of InfoSec experience across the CISM job practice areas. Further, due to major re-orgs, layoffs, and voluntary separations there is no one currently employed there who can verify more than 2 years of this experience.

    Here is my question
    My direct supervisor for 5 of those experience years retired not long ago.
    Can I use this person as my verifier on the certification application?
    This person is no longer employed by my former company where I gained this experience but I reported to him for the 5 years in question.

    thank you in advance,
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    Oct 2017
    Posts
    25
    #7
    I will also ask ISACA but am sure there must be lots of people here who had similar issues. Would love to hear from them how they went about it. Perhaps submitting the verification form directly to isaca may be my only option
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks