Getting Certified? Here’s How to Keep Your Certificate Valid

A little blood, sweat, and tears, study, and practice, and amazingly enough you passed the exam and earned your certification.  There used to be a time when a certification was good for life, but these days a certificate is usually valid for only three years.  The good news is that you can maintain your certification with some additional effort on your part.

The theory behind expiring certs is, because of the rapid pace of change ion technology, the information you used to pass your cert becomes outdated over time.  These days, most certification organizations require a certain amount of continuing education to maintain and renew a certification.  Generally one hour of additional training equals one CEU, but other activities may have higher value.

Often there is an annual fee as well.  Here are some ways to earn CEUs:

  • Earn another IT industry certification.  Stacking up your certs with a single authority has some advantages, making meeting the requirement and reporting easier.  Earning a new cert can be worth many points, sometimes 50 points or more.
  • Complete additional training and purse a degree.  Educational activities generally translate at one point per instructional hour.
  • Participate in IT industry activities.  Attending an IT conference or convention can be worth 6 points per day.  Joining an industry group in your area and serving on the board can be worth 40 points per year.  Teaching, mentoring, or writing instructional material also is worth points, again generally 1 point per hour.
  • Publish a relevant article, white paper, blog post or book.  These activities generally have a fairly high value as well, 10 to 20 CEUs in many cases
  • Gain related work experience.  This can be work 10 points.

Different certifications require a different number of continuing education units (CEUs).  For example:

  • Renewing the CompTIA A+ requires 20 CEUs over a three year period.
  • Renewing the CompTIA Network+ requires 30 CEUs
  • The CompTIA Security+ requires 50 CEUs
  • The CompTIA Advanced Security Practitioner (CASP) requires 75 CEUs
  • The EC-Council Certified Ethical Hacker (CEH) requires 120 CEUs
  • The (ISC)2 Certified Information Systems Security Professional (CISSP) requires 40 annualy, or 120 over a 3 year period.
  • In the situation where you have more than one certification with the same certification authority, meeting the requirements of your highest cert will cover the lower ones.  In the CompTIA case above,  earning 75 for the CASP covers all the other CompTIA certs (A+, Sec+, and Net+), too.
  • In the above example, the (ISC)2 CISSP, the EC-Council CEH, and all the CompTIA certs can be covered by the same group of 120 CEUs used to meet the requirements for the CISSP.
  • Training and other CEUs need to be documented and reported to the certification authorities within the three year period of the certification.

That wraps up our series on information technology certification. If you are working toward a certification, we wish you the best of luck.  The definition of luck is:  when opportunity meets preparation.  If you have taken a certification exam and passed or failed, please leave a comment to share your experience with other readers.  May your opportunity meet preparation!

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.