Getting Certified? Here’s How to Keep Your Certificate Valid

A little blood, sweat, and tears, study, and practice, and amazingly enough you passed the exam and earned your certification.  There used to be a time when a certification was good for life, but these days a certificate is usually valid for only three years.  The good news is that you can maintain your certification with some additional effort on your part.

The theory behind expiring certs is, because of the rapid pace of change ion technology, the information you used to pass your cert becomes outdated over time.  These days, most certification organizations require a certain amount of continuing education to maintain and renew a certification.  Generally one hour of additional training equals one CEU, but other activities may have higher value.

Often there is an annual fee as well.  Here are some ways to earn CEUs:

  • Earn another IT industry certification.  Stacking up your certs with a single authority has some advantages, making meeting the requirement and reporting easier.  Earning a new cert can be worth many points, sometimes 50 points or more.
  • Complete additional training and purse a degree.  Educational activities generally translate at one point per instructional hour.
  • Participate in IT industry activities.  Attending an IT conference or convention can be worth 6 points per day.  Joining an industry group in your area and serving on the board can be worth 40 points per year.  Teaching, mentoring, or writing instructional material also is worth points, again generally 1 point per hour.
  • Publish a relevant article, white paper, blog post or book.  These activities generally have a fairly high value as well, 10 to 20 CEUs in many cases
  • Gain related work experience.  This can be work 10 points.

Different certifications require a different number of continuing education units (CEUs).  For example:

  • Renewing the CompTIA A+ requires 20 CEUs over a three year period.
  • Renewing the CompTIA Network+ requires 30 CEUs
  • The CompTIA Security+ requires 50 CEUs
  • The CompTIA Advanced Security Practitioner (CASP) requires 75 CEUs
  • The EC-Council Certified Ethical Hacker (CEH) requires 120 CEUs
  • The (ISC)2 Certified Information Systems Security Professional (CISSP) requires 40 annualy, or 120 over a 3 year period.
  • In the situation where you have more than one certification with the same certification authority, meeting the requirements of your highest cert will cover the lower ones.  In the CompTIA case above,  earning 75 for the CASP covers all the other CompTIA certs (A+, Sec+, and Net+), too.
  • In the above example, the (ISC)2 CISSP, the EC-Council CEH, and all the CompTIA certs can be covered by the same group of 120 CEUs used to meet the requirements for the CISSP.
  • Training and other CEUs need to be documented and reported to the certification authorities within the three year period of the certification.

That wraps up our series on information technology certification. If you are working toward a certification, we wish you the best of luck.  The definition of luck is:  when opportunity meets preparation.  If you have taken a certification exam and passed or failed, please leave a comment to share your experience with other readers.  May your opportunity meet preparation!


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.