Level 2 IRE training

To qualify for credit an event must meet all of the following criteria:

1. Supports information or cybersecurity
2. Provides attendee interaction or knowledge transfer, such as:
   • Class exercises, discussion, group work, opportunity for question and answer, survey, or a written report of the event prepared by the IRE.
3. Provides for proof of participation:
   • Host issues a completion form/certificate (or a transcript is available), host maintains a roster of attendees, or an IRE may also report with details on the time/place/presenter and summary of the experience.
4. Meets generally accepted standards as an educational event:
   • Is planned in response to an identified educational need
   • Has legitimate educational objectives
   • Is designed/conducted by qualified personnel
   • Has content/delivery methods that support the Intended learning outcomes
   • Is evaluated by participants in some manner or IRE prepares a suitable report for their management
   • Lasts at least 30 minutes

• Classroom training
• Educational conferences
• Self-paced/online training
• College coursework
• A defined educational component of a meeting
• Seminars taken as part of a professional certification
• Learning held via interactive video/web conferencing
• DIR’s annual Information Security Forum

While certifications might be acceptable, they would need to be within both the scope of the job duties of the IRE and relevant to information technology or security. Certificates need to be approved by the ISO to qualify for completing annual CPEs.

Activities for Which Continuing Education Credit is Not Eligible

Many of the activities below are worthy endeavors and are encouraged. However, these activities do not fall within the scope of IRE continuing education guidelines for the purpose of CPE credit.

• Any educational activity that does not support cybersecurity
• Programs that do not meet generally accepted standards for a continuation educational activity
• Courses in software applications used for general office automation (word processing, spreadsheets, etc.)
  Note: while training to increase one’s productivity in these tools is encouraged, this type of training is not recognized within the scope of this program
• Any educational program that is not completed by the participant.
  Note: to meet the educational objectives of a program, the IRE must attend and complete all modules that relate to the program objectives
• Reading technical journals, newsletters, magazines, and books.
• Meetings of focus groups, advisory committees, work groups, etc.
  Note: educational presentations scheduled within such meetings may count if they meet the program guidelines
• Viewing of mass media programs presented via television, radio, newspaper, etc.
  Note: no interactivity, no proof of attendance
• Meetings/events designed for information sharing or training on agency administration or human resources functions rather than for educational purposes. Example: An IRE attends an internal training session on how to use the organization’s timekeeping system—this would not qualify for CPE credit.
• Authoring articles, white papers, books that are not on the subject related to cybersecurity
• Professional organization membership, including serving as an officer or on a committee.
  Note: while the general meeting and networking activities do not apply, educational components hosted by the organization may qualify; e.g., a one-hour educational program embedded in a meeting, educational seminars or annual conference hosted by the group.

Every role will come with its own demands, but we do have a list of recommended trainings hosted on LinkedIn Learning and most of them satisfy the 2 hour requirement, testing, and proof of training requirements to count as CPE.

Note: not all trainings are applicable to all groups. Please be mindful when selecting trainings.

Trainings on LinkedIn Learning

Windows Server 2016

Windows Server 2019

Other Servers

Operating Systems: Windows 10

Operating Systems: MacOS

Operating Systems: Linux

Programming and Security

Other Trainings

One unit of IRE continuing professional education (CPE) equals one contact hour. The term contact hour is defined as a 60-minute interval in which interactive learning takes place as part of a structured educational or training experience.

The terms CPE unit, CPE hour, IRE CPE, or CPE refer to 60 minutes of continuing education credit - these terms are used interchangeably in these guidelines. Additionally, the terms contact hours and clock hours are common generic terms indicating 60 minutes of continuing education.

Note that each education session must be at least half an hour (or half of one credit) in duration to be counted.

IREs should retain proof of participation for each educational activity.

Examples of attendee documentation may include a certificate of completion, statement by the sponsoring body, or copy of registration confirmation with actual course materials.

Examples of documentation as a presenter may include the event program or agenda, correspondence with the sponsoring body, copies of the material presented.

There is no reporting requirement defined for these guidelines, however, DIR highly recommends that IREs save their documentation.

Most of the suggested educational activities will provide the necessary hours to meet the requirements set out by DIR, but it's always good to review and remember that each education session must be at least thirty minutes in duration and meet the minimum education standards.

For a detailed explanation, please view the linked .pdf below to see how to calculate your credit hours based on each category.

Measuring Continuing Education - Calculate CPEs

• IREs must complete the minimum number of CPE hours specified during each fiscal year
• An IRE transferring from one agency to another as the IRE may transfer his/her CPE records/hours.
• For self-paced educational activities that meet all other CPE requirements, the creator or sponsor of the activity should establish a standard number of contact hours based upon the average completion time. The IRE may count stated contact hours or the actual completion time, whichever is less, toward IRE credit.
• Programs delivered via distance learning technologies maybe considered for inclusion as long as (1) they provide for participant interaction/understanding and (2) there is an objective means of verifying program completion.
• CPEs earned and utilized for the maintenance of industry recognized cybersecurity certifications may count toward an IRE’s CPE hours. These CPEs may include activities which are not considered eligible under these guidelines but are considered eligible by the issuer of the IRE’s certification.

Interactivity is a useful component of qualified events. Typically, the more interactive, the more learning that occurs. The amount of interactivity varies significantly among different situations.

Examples of interaction and levels of interactivity include:

• A seminar may include group exercises as well as other class interactions.
• While listening to a keynote at a large conference, interaction may be limited to the opportunity to ask questions and discuss the topic with peers.
• Participants of a live webinar can usually submit questions, vote on polls, indicate yes/no, and perhaps chat.
• Self-paced online learning modules often have pop-up questions and quizzes—simply reading onscreen text and pressing a NEXT button does not qualify.
• Passive activities, such as watching a video or webinar recording may not always qualify. A report developed by the IRE may suffice to show a knowledge transfer occurred to the IRE, and may be necessary to demonstrate understanding.