IRE Security Continuing Education

Yes. The annual Security Awareness Training that you complete each fall qualifies for one CPE for that fiscal year. This fills the requirement for Level 1 IREs. This fulfills one of three required CPEs for Level 2 IREs.  This fulfills one of six required CPEs for Level 3 IREs.

One unit of IRE continuing professional education (CPE) equals one contact hour. The term contact hour is defined as a 60-minute interval in which interactive learning takes place as part of a structured educational or training experience. The terms CPE unit, CPE hour, IRE CPE, or CPE refer to 60 minutes of continuing education credit— these terms are used interchangeably in these guidelines. Additionally, the terms contact hours and clock hours are common generic terms indicating 60 minutes of continuing education. 

IREs should retain proof of participation for each of their education activities. This can include a certificate of completion, states by the sponsoring body, or a copy of registration confirmation with course materials. Examples of documentation as a presenter may include the event program or agenda, correspondence with the sponsoring body, or copies of the material presented.  

At this time, IREs are responsible for tracking their own completion of this requirement. However, the Texas Department of Information Resources highly recommends that IREs save their documentation.

All of the following criteria must be met:

  • Supports information or cybersecurity  
  • Provides some type of attendee interaction or knowledge transfer (class exercises, discussion, group work, opportunity for question and answer, survey, or a written report of the event prepared by the IRE, etc.)  
  • Provides for proof of participation (host issues a completion form/certificate, transcript available, host maintains a roster of attendees, IRE’s report with details on the time/place/presenter and summary of the experience)  
  • Meets generally accepted standards as an educational event: – is planned in response to an identified educational need – has legitimate educational objectives – is designed/conducted by qualified personnel – has content/delivery methods that support the intended learning outcomes – is evaluated by participants in some manner or IRE prepares a suitable report for their management – lasts at least 30 minutes  
  • Examples of Qualified Educational Events: 
    • Classroom training
    • Educational conferences
    • Self-paced/online training
    • College coursework
    • A defined educational component of a meeting
    • Seminars taken as part of a professional certification
    • Learning held via interactive video/web conferencing
    • DIR’s annual Information Security Forum 

The Texas Department of Information Resources has provided the Information Resources Employees Continuing Education Guidelines for Cybersecurity.

You can also contact with any questions.