This question was referred to me. Here is the response that I gave to Mr.
Russell:

In general, felony convictions are disqualifying for professional
credentials. This is not unique to the CISSP. For the CISSP, we do not
automatically disqualify anyone who has not applied. Applicants are required
to disclose any felony convictions. Most of those who have and disclose such
convictions have mitigating or extenuating circumstances and we have often
considered those favorably if they are not related to information technology.
We have never knowingly certified anyone who has a felony conviction for
computer crime. While we reserve the discretion to consider someone with
years to decades of good behavior after such a conviction, we would not
consider anyone with a recent conviction. This has less to do with the
individual than it does with our responsibility to protect the profession and
the certificate.

William Hugh Murray, CISSP
Chairman, Professional Practices Committee

Ryan Russell wrote:

> Apolgies that this is a bit off-topic. I can't seem to find an answer to
> the question elsewhere, and I know many of the appropriate people
> subscribe.
>
> A friend of mine (it's actually true in this case, believe it or not) has
> a question regarding qualifying to get his CISSP certification. He has a
> felony conviction for computer crimes. He'd like to get his CISSP, but
> the requirements are not clear. He's fully aware of the code of ethics,
> and has no problem with that going forward. The question has to do with
> past behavior. The code is written in present and future tense.
>
> So, assuming all the listed qualifications are met, will he have a problem
> obtaining his CISSP?
>
> Ryan

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]