CISSP professional experience and college degrees

I'm puzzled by something on the web site that identifies the requirements
for CISSP certification, specifically the professional experience
requirements and the wavers allowed for college education. It says that
they'll waive a year of the professional experience for someone who has "a
four-year college degree OR Master's Degree in information security from a
U.S. National Center of Academic Excellence in information Security":

https://www.isc2.org/cgi-bin/content.cgi?category=1187

My question is this: doesn't having a master's degree imply in all cases
that the person also has a four-year college degree? I know it's possible to
earn a PhD without first getting a master's degree, but I've never heard of
anyone being able to skip a bachelor's degree and go directly into a
master's program. So is the CISSP master's degree waiver statement pointless
and if not, what am I missing? I first thought that perhaps they meant that
they'd waive TWO years if you had BOTH a four-year degree and the master's,
but their web site explicitly says that's not the case ("If you hold both a
four-year degree and a Master's degree, you may only apply for a one year
waiver of experience").

Re: CISSP professional experience and college degrees

"Sam Jones" writes:

> I'm puzzled by something on the web site that identifies the requirements
> for CISSP certification, specifically the professional experience
> requirements and the wavers allowed for college education. It says that
> they'll waive a year of the professional experience for someone who has "a
> four-year college degree OR Master's Degree in information security from a
> U.S. National Center of Academic Excellence in information Security":
>
> https://www.isc2.org/cgi-bin/content.cgi?category=1187
>
> My question is this: doesn't having a master's degree imply in all cases
> that the person also has a four-year college degree?

One way one could read the quote above is that a degree in Information
Security from a US National Center of Academic excellence in infosec
-- be it a bachelors or masters--will qualify ya for whatever.

But how isc2 interprets it, I can't say with any authority.

--
Todd H.
http://www.toddh.net/

Re: CISSP professional experience and college degrees

Sam Jones wrote:
> I'm puzzled by something on the web site that identifies the requirements
> for CISSP certification, specifically the professional experience
> requirements and the wavers allowed for college education. It says that
> they'll waive a year of the professional experience for someone who has "a
> four-year college degree OR Master's Degree in information security from a
> U.S. National Center of Academic Excellence in information Security":
>
> https://www.isc2.org/cgi-bin/content.cgi?category=1187
>
> My question is this: doesn't having a master's degree imply in all cases
> that the person also has a four-year college degree? I know it's possible to
> earn a PhD without first getting a master's degree, but I've never heard of
> anyone being able to skip a bachelor's degree and go directly into a
> master's program. So is the CISSP master's degree waiver statement pointless
> and if not, what am I missing? I first thought that perhaps they meant that
> they'd waive TWO years if you had BOTH a four-year degree and the master's,
> but their web site explicitly says that's not the case ("If you hold both a
> four-year degree and a Master's degree, you may only apply for a one year
> waiver of experience").
>
>

It's a long time ago but I seem to remember having rules like that back
when I worked for a university. I think the point was that it is
possible to obtain a master's degree in a subject (in this case infosec)
on the back of a bachelor's in a different but related subject. So the
rules are worded like that to admit those holders of a master's degree
whose first degree was not strictly "in information security from a U.S.
National Center of Academic Excellence in information Security", but
nonetheless gained them admission to a master's course that was.

So the one-year waiver applies if you have either done a first degree in
the subject, or followed up a first degree in something else with a
master's in the subject. Seems logical.


Tim Jackson