Just because someone writes an endorsement letter,
does not mean that that person is sufficiently qualified
or familiar enough with the CISSP candidates knowledge
and skills to legitimize that candidate. Small to medium
size businesses that don't have formal IT departments
may have no clue at all. That said, I don't think the
endorsement letters are necessarily a bad idea, but
rather need some structure to be useful.
A guideline for the endorsement letter should be
developed to ensure the author of the letter includes
specific types of information about the candidate
experience.
Number of years of experience, roles, and responsibilities.
Possibly details about specific projects. Statement of
personal character. List of skills, knowledge areas, strengths,
and weaknesses. Possibly business unit or client references.
I also have concerns about the notion of their auditing practice.
I do not belive that a resume will substantiate a persons skills,
knowledge, or experience level. I have seen probably over
six thousand resumes in the past 28 years. Most were at
best skillfully worded emigrations of what the candidate
actually did.
I imagine the resources don't exist to have a formal committee
interview each candidate. But in my opinion that would be
an element I would want to see built in to validate candidates.
Granted social engineering could still bias the accuracy of
such an interview.
At 5/15/2002 11:46 AM, dreamwvr wrote:
helo world;
...This is a parody right?
if not I wanted to plant this seed. The CISSP process will become
more skewed and its value tainted IMHO. Here is why.
Has anyone considered who will watch the watchers? ;-))
CISSP is for those who will buy it a means of baselining security
knowledge. It_is_not_a_holy_grail. Security is a work in process not
a piece of software or a piece of paper. Security is a moving target
that never stands still.
Back to what it is i do:-))
Best Regards,
[EMAIL PROTECTED]
--
/* Security is a work in progress - dreamwvr */
#
# Note: To begin Journey type man afterboot,man help,man hier[.]
#
// "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \? ;-]
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls
--
Gregg Rosenberg - N9NNO RICIS, Inc.
Chief Technology Officer 708-444-2690 Voice
[EMAIL PROTECTED] 708-444-2697 Fax
http://www.ricis.com - 866-RICIS-77 Toll Free
"Let me not pray to be sheltered from dangers
but to be fearless in facing them."
Rabindranath Tagore (1861-1914); Bengali writer.
Support anti-Spam legislation. Join the fight at www.cauce.org
This email and any attachments that are included in it have been scanned
to ensure they are free of viruses, Trojan horses, worms, hoaxes, and any
other inappropriate content.
