top of page
  • Immagine del redattoreCoriacea

The “CPE” Mafia. It's time to say enough!


It's Christmas, are we all better? Uhm…I don't think so!


This article is dedicated to all those international organizations (we'll see which ones later) that make ethics their "stronghold", but in fact, these organizations completely ignore where good taste, as well as ethics, lives.

We are at the end of the year, if you, like me, are begging for the "CPE", arbitrarily requested by the "ethical" international organizations mentioned above, and you are forced to pay the "pizzo" (“protection money”), then read this article, until the end.

There is always a way to say NO to the "mafia" (obviously from "my" very personal point of view), in whatever form it manifests itself. The only thing needed is an act of will. And you can change the world.

As you will understand, all it takes is 10 minutes of your life, a simple message of protest (then we'll see to whom). And at this point, you have "entered" the flow, becoming the protagonist of a small, but at the same time, big change.

Once you have sent your protest message, write a comment on this article, just to leave your trace. It will serve to count us. If we are a few dozen people, even better a hundred, and maybe even more, together ("class action") we will have no difficulty in demonstrating, in the appropriate legal venues, that the "CPEs" are nothing more than an instrument of extortion of money, which denies the profound meaning of the CPE itself. But let's get to the facts.


Today there are many International Associations that support and sponsor the development of "methodologies" and "certifications" for carrying out activities in the IT (Information Technology) field.

In particular, I am referring to ISACA and all those international associations (which from now on I will call "friends") who use the "CPE" tool for their benefit, essentially of an economic nature.


A simple and powerful way to create money from nothing as the central banks of every nation do. A fraud!


CPE is the acronym for “Continuing Professional Education (CPE)”. The following is ISACA's official description of the topic of CPE: “Continuing Professional Education (CPE): To maintain CISM certification, individuals are required to earn continuing professional education (CPE) credits annually. This helps CISM holders stay current with industry developments” (


In practice, ISACA (and not only) requires the holder of one of its certifications (CISM, CISA, COBIT, etc.) to annually "earn" "credits" which it calls CPE (minimum "20 CPE" per year for ISACA) . Normally “1 CPE” is equivalent to one hour of study or refresher courses.

ISACA, for example, so as not to be too generic, essentially provides three ways to earn CPE, they are:

  1. Working for free for ISACA (sic!) calling them "volunteers" (;

  2. Follow refresher courses at specific organizations that ISACA calls "Accredited Partner Training". The latter have the right (obviously "granted" by ISACA) to "issue" a certain number of CPEs, based on the duration (in hours) of the course itself (notoriously expensive);

  3. Participate in the ISACA Conferences (lasting approximately 4 or 5 days) which ISACA holds annually in different continents of the planet (America, Europe, Asia, etc.). You can also participate in their conferences online, thus avoiding the costs of food and accommodation. However, please note that normally the unit cost to participate in such conferences (obviously excluding room and board) is around 800 dollars.


I want to clarify right away. I agree that the holder of a high-profile professional certification such as CISM, CISA, or COBIT (to name those offered by ISACA) must annually demonstrate his commitment to keeping up to date on the latest technologies and scientific discoveries in the ICT (Information Communication) field. Technology).

I don't find anything wrong with it I say that we could (not necessarily) even do more.

It is not certain that those who attend "courses" or "congresses" have truly understood what they have read, or what they have heard from some speaker.

It is a different matter if the holder of a certification chooses a "new professional certification" every year (like those offered by Microsoft, Google, Amazon, Oracle, ISACA, ISC2, GIAC, and many, many others, and all respectable) demonstrating, without any doubt, that he has read and understood what he/she has studied.

All this to say that I am not questioning the CPE which, let's remember, once again, means "Continuing Professional Education".


However, something doesn't add up in the ways ISACA "generously" offers to earn CPE.

For example, let's examine the second modality offered by ISACA provided through its so-called "Accredited Partner Training".


Accredited Partners Training are companies that run courses whose objective is to provide participants, at least in theory, with all the tools (basic knowledge) to successfully pass multiple certifications (Microsoft, ISACA, ISC2, Google, Amazon, and dozens of others), Normally these courses issue several CPEs "just" less than 20 CPEs (coincidentally we will see why).

The students could also opt NOT to attend the "expensive" courses provided by the "Accredited Partner Training" at all but to study on their own.

Regardless of the path chosen ("course" or "self-learning"), to obtain any certification the scholar must study tens of hours, better said hundreds of hours. We are talking about months, if not a year, even more (obviously it depends on the difficulty of the certification).

Well, you know how much ISACA values (not to be generic) obtaining "any" certification: 2 CPE!

Yes, you understood correctly, two (hours), approximately the average duration of a certification exam (normally the exam lasts about 1 hour and 30 minutes).


There is no certification in the world in the professional field that any student can obtain, after having studied (starting from scratch), only after 2 hours (2 CPE) of self-learning.


This is what I discovered the hard way when I demonstrated to ISACA that I had "successfully" taken a certification exam in December 2023 (before the CPE submission deadline).

The exam that I passed after studying various books for about 4 months.


Clearly, I contacted the ISACA technical support team, asking for explanations for this absurd decision of theirs. Unfortunately, they responded to me with statements devoid of any logic.

We know that when an answer is unclear, the motivation for this illogicality always comes from a squalid lie.


Now if you also find yourself in the same situation and discover that the international organization (ISACA or "friends") DOES NOT recognize your certification adequately (at least 20 CPE or more), write a protest email to their support team. Then leave a comment on this article. We will need it to count how many we are.


If there are many of us, through an appropriate "class action" we can begin to counteract this monopoly of power, this dystopian reality that now envelops the single individual in all areas of his life.


It's time to say enough!

We too have long since entered the dystopian society prophesied by George Orwell: “Everything faded into mist. The past was erased, the erasure was forgotten, the lie became truth.


Merry Christmas!

74 visualizzazioni

Post recenti

Mostra tutti


bottom of page