As we reach the midpoint of the year, now is a great time to ensure you are keeping up with your annual Continuing Professional Education (CPE) requirements. ISACA offers many opportunities for earning CPE, including conferences, webinars, ISACA Journal quizzes, and more. By being a member of ISACA, you can earn more than 72 CPE credits for free.
We asked five ISACA community members to share how they personally approach earning CPE credits, not only as a requirement, but to advance their professional development. Read on for their strategies below.
Sarah Iannantuono, Data, Security and Risk Executive, CISM, CRISC, CDPSE
I take a two-pronged approach, balancing forward-looking career growth with immediate community contribution.
- Alignment with Career Goals: I start by mapping out my specific objectives for the year. I ensure a majority of CPE activities directly bridge the gap between my current skillset and those future goals, ensuring every hour spent learning has a tangible impact on my professional trajectory. For instance, if my goal this year is to ensure up-to-date skills in AI governance, I prioritize advanced courses on AI risk frameworks and attend workshops specifically focused on this topic. Alongside this, I allocate roughly 20% of my CPE hours to exploring emerging topics of pure interest to foster innovation.
- Focus on Giving Back: I prioritize opportunities that allow me to volunteer or mentor. I find that the most effective learning often happens when I'm teaching others or serving on committees. This not only reinforces my own knowledge but ensures I'm actively contributing to the profession's ecosystem. For instance, this learning may occur while you mentor colleagues at your job or through volunteering with industry groups.
Harshad Sadashiv Kadam, Senior Infrastructure Security Engineer, ISACA Emerging Trends Working Group Member
Honestly, the CPE that's moved the needle for me has been the kind where I'm accountable to others — not just consuming content. Leading the AI Security Engineers Austin chapter, presenting at the ISACA Austin Annual General Meeting, chairing the nomination committee, and putting original research in front of a peer-reviewed audience at OWASP's 25th Anniversary all forced me to go deeper than any course ever did. When you're representing a community or standing in front of peers with original work, the bar is higher — and that's where the real learning happens.
Chetan Anand, CDPSE, Associate Vice President – Information Security and CISO, Profinch Solutions
Being a topic leader for the Engage Community is one of the ways to volunteer, contributing to the community by sharing knowledge and expertise, as well as learning from the interactions. This is not only a great way to build one's network, but also to acquire CPE credits.
Rianat Abbas, Senior Associate, AMGEN
My approach is to look for learning opportunities that strengthen both my technical knowledge and my ability to apply that knowledge in business environments. I usually prioritize CPEs that are connected to areas I actively work in or write about, such as cybersecurity governance, AI risk, privacy, IT audit, product security and emerging technologies. I also look for programs that include practical case studies, current regulatory or industry developments, and insights from experienced practitioners.
Some of the most worthwhile opportunities for me have been ISACA webinars and certification-related learning, especially those focused on IT audit, governance, risk, cybersecurity and AI. I also find value in CPE opportunities from industry conferences, professional association events and technical workshops because they help me stay current while also connecting the learning back to the challenges organizations are facing.
Rashmi Tallapragada, Information Protection & Security Analyst
When evaluating CPE opportunities, I usually look for sessions that help me think about familiar problems in a different way. I tend to get the most value from practitioner-led sessions that share real-world experiences, lessons learned and implementation challenges rather than focusing solely on a framework or standard.
I also find workshops and tabletop-style exercises particularly valuable because they encourage participants to work through realistic scenarios and decision points. Sessions where practitioners discuss what worked, what did not and what they would do differently provide insights that are often more memorable and applicable than the technical details alone.