Yes, we actually didn't have our meeting today, so I was able to attend.
I'll try to summarize as best I can...
The first thing that was emphasized, was that clause 3 of the Candidate Agreement that is agreed to prior to taking the exam states it is your own responsibility to be checking in with EC-Council for updates to the ECE guidelines, keeping track of your points, etc. A copy of the agreement can be found on the EC-Council website.
As for the ECE guidelines, each member that has earned a certification which requires re-certification or continuing education (most of them) must earn 120 points within 3 years (quite similar to CISSP requirements). The 120 points is
per member not per certification. You must also earn a minimum of 20 points per year, so you can not slack off completely for the first two years and then rack up all of your points the final year.
If you have earned your certification prior to Dec. 31, 2007, your certifications are set to expire Dec. 31, 2010. If you have participated in qualifying events, or have earned points in 2007, you may carry over a
maximum of 40 points into 2008. Do not get confused on this. Many people understood this to mean you can only earn a max. of 40 points in a year, which is not the case (or at least was never stated by EC-Council). The 40 point carry-over only applies to those certified prior to Dec. 31, 2007.
As for earning points, I didn't write them all down, but here are a couple:
Re-pass exam: 120 points
Attending a security conference: 5 points per day of attendance
Attending a chapter meeting: 3 points per meeting
Publishing a paper: 10 points per paper
Publishing a book: 40 points per book
University classes: 1 point per credit
Attending webinar: 5 points per webinar
Attending a security course/class: 1 point per hour of attendance
CBT Training: 1 point per hour of study (according to course)
Speaking at a security event: 10 points per hour
Attending Hacker Halted: 30 points
Publishing articles for EC-Council Members (probably in the portal): 25 points per article
Some of the recognized conferences are TechnoSecurity/Forensics, CSI, BlackHat, Interop, and others.
All members are expected to maintain sufficient evidence (paper trail) of their points earned. EC-Council has the right to audit you and you will need to provide evidence of your points (despite the fact that they will have a point-tracking portal). Side-note: the ECE tracking portal will be available soon.
There will be no annual membership fees and you will have access to yearly online transcripts.
Once you've earned your points, you will receive an ECE certificate stating that your certifications are still valid.
If you have any questions and want them answered by EC-Council officially, they may be directed to
ece@eccouncil.org.
I hope this helps and gives everyone a good overview. I'm sure there will be many more details released with the official ECE guideline document that should be published on the EC-Council website hopefully soon.
I'll try my best to answer any questions that you have if I've missed something.
Bill
OSCP - Offensive Security Certified Professional : Failed my first attempt at the OSCP exam
