Earning a certification is a milestone. Keeping it current is the job that never ends.
Most IT professionals do not lose certifications because they stop caring about them. They lose them because the renewal calendar becomes unmanageable. A CISSP requires CPE credits on a three-year cycle. AWS certifications expire after three years and require a passing exam. CompTIA certifications renew on a three-year CE cycle. Cisco credentials operate on a three-year recertification cycle tied to continuing education or passing a higher-level exam.
When you hold five or more credentials from three or more vendors, the renewal requirements interact in non-obvious ways. Getting the management system right is as important as the original study effort.
Understanding the renewal models
Before building a maintenance system, you need to understand how each vendor's renewal model works, because they are not the same.
CompTIA: Continuing Education (CE) Program
CompTIA certifications — A+, Network+, Security+, CySA+, CASP+, and others — renew on a three-year cycle from the date of certification. Renewal requires earning Continuing Education Units (CEUs) and submitting them through CompTIA's certification continuing education portal, plus paying an annual CE maintenance fee of $50.
The number of CEUs required increases with certification level:
- A+, Network+, Server+: 20 CEUs per three-year cycle
- Security+, CySA+, PenTest+: 50 CEUs per three-year cycle
- CASP+: 75 CEUs per three-year cycle
CEU activities include completing higher-level certifications (which can satisfy the entire CEU requirement in one action), attending training courses, writing articles, attending conferences, or passing a new exam. A candidate who earns Security+ and then earns CySA+ satisfies the Security+ CEU requirement automatically through the "higher credential" provision.
AWS: Exam Recertification
AWS certifications expire exactly three years from the date of passing. Renewal requires passing either the same exam again or any higher-level exam in the same track. There is no continuous education option — AWS requires demonstrated competency through examination.
An important structural benefit: passing the AWS Solutions Architect Professional exam simultaneously renews the AWS Solutions Architect Associate certification. Passing any AWS specialty exam renews the Cloud Practitioner. AWS publishes the "recertification credit" matrix in its certification policies documentation.
Microsoft: Role-Based Annual Renewal
Microsoft introduced a free annual renewal model in 2021. Microsoft certifications expire one year from the date of passing (with some role-based certifications having specific expiry windows). Renewal is free and completed through Microsoft Learn via a short assessment — typically 25-40 questions — that takes 30-60 minutes. No exam center visit is required.
This makes Microsoft certification maintenance one of the least burdensome in the industry, provided you complete the renewal before the expiration date. Microsoft sends email reminders starting 180 days before expiration.
Cisco: Continuing Education or Exam
Cisco certifications renew on a three-year cycle. Renewal options include:
- Passing a qualifying exam
- Earning 30 Continuing Education credits for CCNA/CCNP level certifications (more for CCIE)
- Using Cisco-authorized training credits
Cisco's Continuing Education program accepts a wide range of activities including Cisco DevNet courses, authorized training, and Cisco Live session attendance.
(ISC)2: Annual Maintenance Fees and CPE Credits
CISSP, SSCP, CCSP, and other (ISC)2 certifications require 20 CPE credits per year (120 total over a three-year cycle for CISSP), plus an Annual Maintenance Fee of $125. CPE activities include training, publishing, teaching, and professional contributions. (ISC)2 has a broad definition of qualifying CPE activities, making it relatively easy to accumulate credits through normal professional work.
Building a certification calendar
The most common maintenance failure is not laziness — it is failing to track renewal dates across multiple vendors with different cycles. A certification tracking system needs three components: expiration visibility, renewal requirement tracking, and activity logging.
Expiration visibility
Create a single source of truth for all your certification expiration dates. A simple spreadsheet with the following columns is sufficient:
| Certification | Vendor | Earned date | Expiration date | Renewal type | Renewal deadline |
|---|---|---|---|---|---|
| Security+ | CompTIA | Jan 2022 | Jan 2025 | 50 CEUs | Dec 2024 |
| AWS SAA | AWS | Mar 2023 | Mar 2026 | Exam | Feb 2026 |
| CISSP | (ISC)2 | Jun 2021 | Jun 2024 | 120 CPE + AMF | Jun 2024 |
| AZ-104 | Microsoft | Aug 2023 | Aug 2024 | Free assessment | Jul 2024 |
Set calendar reminders at 180 days, 90 days, and 30 days before each expiration date.
Renewal requirement tracking
For each certification, document what the renewal requires and how much progress you have made. CompTIA's CE portal tracks CEUs automatically when you submit activities. (ISC)2's CPE portal similarly tracks progress. For AWS, the renewal requirement is binary — you either passed a qualifying exam or you have not.
For Microsoft, the only tracking needed is a reminder to complete the annual online assessment before the expiration date.
Activity logging
Track every activity that could count toward certification renewal credits, even if you have not yet decided which certification it will be applied to. Conference attendance, training completions, webinars, published articles, and higher-level exam passes all typically qualify for multiple credentials simultaneously.
The stacking strategy: earning renewals while advancing
The most time-efficient approach to certification maintenance is structuring your career advancement so that earning new certifications satisfies the renewal requirements of existing ones.
"The professionals who maintain the most credentials with the least effort are the ones who treat every new learning activity as both career advancement and credential maintenance simultaneously. They are not running two separate programs — they are running one." — Ed Tittel, author of over 100 IT certification study guides and former Director at NetSol Technologies.
This means planning your certification roadmap to allow each new credential to renew as many existing credentials as possible.
Example stacking scenario:
A candidate holds CompTIA Security+, AWS Solutions Architect Associate, and CISSP. Their renewal plan:
- Year 1: Pass AWS Solutions Architect Professional — this simultaneously renews the AWS SAA. Use study time and CPE submission to apply 40 CPE credits toward CISSP renewal. Security+ CEU clock is running but not urgent.
- Year 2: Earn CompTIA CySA+ — this satisfies the entire 50-CEU requirement for Security+ renewal through the higher credential provision. Add 20 (ISC)2 CPE credits by attending Cisco Live virtually.
- Year 3: Complete CISSP annual maintenance fee and submit remaining CPE credits from ongoing professional work and conference attendance.
Total new exam cost over three years: two exams. Total certifications maintained: four. Total CEU/CPE credits satisfied: all requirements met.
Leveraging professional work as renewal credit
Most IT professionals are already doing renewal-qualifying activities and simply not logging them. The gap between what qualifies and what candidates claim is often large.
Activities that typically qualify for CPE/CEU credits across multiple vendors:
- Attending industry conferences (virtual or in-person)
- Completing vendor training modules on platforms like AWS Skill Builder, Microsoft Learn, or Cisco U.
- Publishing technical blog posts or articles
- Presenting at user groups or conferences
- Mentoring or teaching IT courses
- Completing academic coursework in IT or security subjects
- Reading and summarizing qualifying publications (some (ISC)2 credits work this way)
The time investment to log these activities is minimal — typically 10-15 minutes per activity. The cost of not logging them is potentially letting a $500+ certification expire unnecessarily.
What happens when a certification lapses
Understanding the consequences of an expired certification motivates the tracking work.
CompTIA: If you allow a CompTIA CE certification to expire, you have a six-month reinstatement window during which you can still submit CEUs and pay the reinstatement fee. After six months, you must retake and pass the exam from scratch.
AWS: If an AWS certification expires, you must retake and pass the exam. There is no grace period or partial credit for expired credentials. The expired certification is removed from your AWS Certification account.
Microsoft: Microsoft certifications that expire without completing the free annual renewal assessment are marked as expired. You must retake the full exam to restore them. There is no grace period.
Cisco: Cisco provides a 90-day grace period beyond the expiration date during which you can still complete continuing education credits to renew. After the grace period, you must retake the exam.
(ISC)2: (ISC)2 provides a grace period before formally suspending a credential. However, lapsed credentials require backpayment of AMFs plus CPE requirements to be reinstated, which is significantly more expensive than maintaining the credential in good standing.
Automation and tools for renewal tracking
Several tools can help automate the tracking work.
Credly (the platform where most digital badges are issued) tracks expiration dates for all credentials earned through Credly-issuing organizations. Setting up a Credly account and claiming all your badges gives you a single view of expiration dates across CompTIA, Cisco, AWS, and other vendors who use the platform.
Google Calendar or Outlook recurring reminders are underrated. A 15-minute setup to add renewal deadline reminders for every active credential is worth months of peace of mind.
LinkedIn certification section allows you to add expiration dates to credentials. LinkedIn will remind you (and implicitly your network) when certifications are approaching expiry.
See also: Voucher strategies: how to reduce certification exam costs by 40% or more | Certification roadmaps for five IT career paths | The difference between associate, professional, and expert certification tiers explained
References
- CompTIA. (2024). CompTIA Continuing Education Program. https://www.comptia.org/continuing-education
- (ISC)2. (2024). CISSP CPE Requirements. https://www.isc2.org/Certifications/CPE
- Amazon Web Services. (2024). AWS Certification Renewal and Expiration Policy. https://aws.amazon.com/certification/policies/
- Microsoft. (2024). Renew Your Microsoft Certifications. https://learn.microsoft.com/en-us/certifications/renew-your-microsoft-certification
- Cisco. (2024). Cisco Certification Recertification Policy. https://www.cisco.com/c/en/us/training-events/training-certifications/recertification-policy.html
- Credly. (2024). Digital Badge Management and Verification. https://info.credly.com/
- ISACA. (2024). CISM and CISA CPE Requirements. https://www.isaca.org/credentialing/cpe
Frequently Asked Questions
How often do IT certifications need to be renewed?
Most major IT certifications renew on a three-year cycle. CompTIA certifications require CEU credits every three years. AWS certifications expire after three years and require passing an exam. Microsoft certifications now expire annually but offer a free online renewal assessment. Cisco certifications renew on a three-year cycle via exam or continuing education credits. (ISC)2 credentials require annual CPE submissions and maintenance fees.
What happens if I let an AWS certification expire?
AWS removes the expired certification from your account and you must pass the exam again from scratch. AWS does not offer a grace period or continuing education alternative. The only way to recertify is to pass a qualifying exam.
Can earning a higher-level CompTIA certification renew a lower one?
Yes. CompTIA's CE program includes a 'higher credential' provision: earning a higher-level CompTIA certification fully satisfies the CEU requirement for lower-level certifications in the same pathway. For example, earning CySA+ satisfies the 50-CEU renewal requirement for Security+.
How do I track CPE credits for (ISC)2 certifications?
(ISC)2 provides a CPE portal where holders can log qualifying activities including training, conference attendance, publishing, teaching, and professional contributions. The portal tracks total credits accumulated and shows progress toward the annual and three-year cycle requirements. Submitting credits is the holder's responsibility — it is not automatic.
What is the cheapest way to renew multiple certifications at once?
The most cost-efficient approach is to pass a higher-level exam that satisfies multiple renewal requirements simultaneously. For example, passing AWS Solutions Architect Professional renews the SAA. Earning CompTIA CASP+ renews Security+ and CySA+ through the higher credential provision. Planning your advancement roadmap to maximize renewal stacking reduces the total number of exams and CEU activities needed.