User talk:Tqbf/CISSP POV

Vendor Neutral

It's not vendor neutral, it's the product of a vendor. Not advocating trashing it the lede, but object to calling it out as neutral.--- tqbf 04:49, 14 November 2007 (UTC)

Quibble: you're arguing about the meaning of words. Silly. CISSP is vendor neutral means it isn't a CISCO or Microsoft or Redhat certification. Vincent 16:22, 15 November 2007 (UTC)

It sounds like we're epsilon from agreeing on wording here. I'll think of something to replace it with that captures your point. --- tqbf 16:51, 15 November 2007 (UTC)

Nonprofit --- Undue weight

That ISC2 is an NPA is irrelevant to the cert. You might be surprised how little NPA status actually means. --- tqbf 04:51, 14 November 2007 (UTC)

So you agree it's factual? It's your own bias that would have you remove the fact from article? Vincent 16:23, 15 November 2007 (UTC)

Clearly we should not eliminate the ISC2's NPA status. I simply think highlighting it in the lede creates the impression that the ISC2 is somehow charitable, or above business concerns. NPA status has no impact whatsoever on the compensation of people employed by the ISC2; ISC2 shares virtually all the same conflicts of interest as any services organization would have.

So to restate: my problem is that the NPA status of the ISC2 has little bearing on the CISSP program itself. As CISSP is the subject of this article, not the ISC2, I object to it remaining in the lede as-is.

--- tqbf 16:27, 15 November 2007 (UTC)

Sourcing for Member Count

These numbers aren't audited. Clearly they belong in the article, but not stated as simple facts.--- tqbf 04:51, 14 November 2007 (UTC)

Audited?!? Of course(ISC)2 is audited. It would lose non-profit tax status if it were found to make fraudulent claim. Vincent 16:24, 15 November 2007 (UTC)

You are factually in error if you are asserting that the ISC2 would lose NPA status if it misstated the number of people who had ever obtained a CISSP cert.

This change is simple. We simply need to remark in the text that the ISC2 says there are ~50k CISSPs. I'm not even saying the text has to question that number --- it simply needs to make it clear where the number comes from.

Geez louise. If the change is simple, WHY DON'T YOU MAKE THE CHANGE!!! —Preceding unsigned comment added by Vfp15 (talk • contribs) 16:33, 15 November 2007 (UTC)

--- tqbf 16:28, 15 November 2007 (UTC)

If you don't want to discuss the changes this article needs, stop discussing it. You seem to be taking this personally. If you change the article, and those changes aren't POV, I will of course not revert the change or re-tag it POV. Otherwise, leave it be, and I'll soon make the changes myself. It is weird that you are taking the time to agree on wording and the same time complaining about doing so. Nobody is forcing you to participate here, but I hope it's clear that I find your participation valuable. --- tqbf 16:49, 15 November 2007 (UTC)

NSA Endorsement

That some part of the NSA endorsed the CISSP is indisputable. But the NSA is huge. The NSA, as an organization, does not endorse CISSP as the benchmark. This should be pulled into a subsection, not stated as a simple fact in the lede graf. --- tqbf 04:52, 14 November 2007 (UTC)

"Generally accepted"

... by who? Weasel words! --- tqbf 04:53, 14 November 2007 (UTC)

I reworded that and it is factual to say (ISC)2 states it is the gold standard for security certifications. However if you wanted to get rid of the phrase, I ain't married to it. Vincent 16:26, 15 November 2007 (UTC)

Thanks for your change. Personally, I think that when the article says that the ISC2 claims it's the gold standard, that more closely reflects my (negative) POV about the program than if the words simply weren't there. So I'm fine with your change, but suggest that maybe you want to lose the wording to keep it neutral. 16:29, 15 November 2007 (UTC)

Demonstrate proven capabilities

The word "proven" is unncessarilly POV. The cert attempts to demonstrate something. --- tqbf 04:54, 14 November 2007 (UTC)

The cert aims at demonstrating... Vincent 16:26, 15 November 2007 (UTC)

Excellent. 16:29, 15 November 2007 (UTC)

"International gold standard"

Give up on this. --- tqbf 04:55, 14 November 2007 (UTC)

So remove it... Vincent 16:27, 15 November 2007 (UTC)

Will do! --- tqbf 16:29, 15 November 2007 (UTC)

High demand

All security professionals are in high demand. --- tqbf 04:57, 14 November 2007 (UTC)

So edit it out...Vincent 16:27, 15 November 2007 (UTC)

You sure? Tell you what: if you're OK with my editing this out wholesale, let's just leave me with this sentence in the article; I almost guarantee that you'll be happier with what I write than you would be if we just removed it. I'm not saying we shouldn't remark that the CISSP is a good career move (would that it were not, though!), just that we should put it in context. --- tqbf 16:30, 15 November 2007 (UTC)

Just edit the bloody article without calling POV, will ya? Fix it instead of whining. It's a pretty neutral article. WP is a work in progress, there's always something to fix. So fix it instead of pointing the finger at it and chanting "POV! POV! POV!" Putting a POV tag at the start just labels it a bad article when it's pretty good. Vincent 16:38, 15 November 2007 (UTC)

Putting a POV tag on an article does not label it a "bad article". Maybe this is why you're having so much trouble with this. --- tqbf 16:50, 15 November 2007 (UTC)

Thanks for removing the label. And yes, these labels do carry stigmas. The POV label often indicates means there's an ongoing contents dispute. In this case the dispute was about the label, not the content. By labeling the whole article you were making the problem greater than it was. If you look at the edit history, you'll notice I toned it down a lot a couple of months ago, without putting up a POV label. And you'll notice I didn't object to your edits.

As for the audit issue, I'm pretty sure that they would lose their NPO status if they made habitual false claims. Their organization's chief purpose is to provide security benchmarks and to certify practicioners against those benchmarks. If they start making materially fraudulent claims in this regard, they could be shut down completely. A material fraud would be claiming 50,000 CISSPs when in fact there are only 2000, or claiming 500,000 when in fact there are 50,000. Claiming there are 49,000 when in fact there are 50,000 would not be fraud, nor would it affect the truth of the article except to an epistemologist. Vincent 16:05, 16 November 2007 (UTC)

Well, I totally disagree about the POV tag. I cannot be accountable for the misapprehensions of Wikipedia consumers who don't understand the mechanics of how the thing works. The tags are there to improve articles. Saying that improvement tags "stigmatize" articles is like asserting that an article is "finished". Get CISSP to GA status and maybe that'll be an easier argument to defend.

As for the audited numbers: I'm not advocating that we question the number. I'm simply saying that the source of the number should be mentioned along with the number itself.

It appears we're in a happy place. We may be in a less happy place down the road (because I've got some critiques of CISSP I'm going to source and add to the article), but I think we both recognize that we're working in good faith. And thank you for that. --- tqbf 16:10, 16 November 2007 (UTC)

"Too hard"

Source this. This is a faux-criticism. The opposite is far more often asserted. --- tqbf 04:57, 14 November 2007 (UTC)

Quibbling. This is a faux complaint. (Or reversing the languages, a false complainte.) Well, people who fail think it's too hard. A crypto expert might well think the BCP questions are too hard, for instance. It is a real criticism. Is it widespread? Is it held by all critics? Most critics? Who knows. Not worth arguing about Vincent 16:30, 15 November 2007 (UTC)

So let's just axe that criticism. --- tqbf 16:31, 15 November 2007 (UTC)