Based on several developments during 2007, a certification resurgence may be in the works. We offer a few suggestions to help it along. Published January 3, 2008
By Anne Martinez
There was plenty going on in the certification marketplace in 2007, and the industry is showing signs of emerging from the relative doldrums of the last few years. From players large to small, certification vendors kept busy rolling out new exams and updating existing ones to incorporate the latest products and technologies. Going beyond maintenance, certification vendors are exhibiting an increasing will to revitalize the perception of computer certifications by employers and certification candidates, not just through wishful thinking, but with concrete action plans. It is not clear yet, however, how strong the will is to do this and what resources will truly be put into it, so success is far from assured.
No Shortage of New Certification Options
Throughout 2007, certification vendors continued to show their commitment to the day to day business of running certification programs. Microsoft, of course, was full of activity as usual, adding certifications for Microsoft Dynamics products and a new business certification program for Microsoft Office 2007 to replace the Microsoft Office Specialist program, as well as rolling out a batch of new exams including additional Microsoft Certified Technology Specialist (MCTS) and Microsoft Certified IT Professional (MCITP) tracks and Windows Vista exams and retiring old ones.
Also among the busiest, Cisco Systems rolled out a new entry level certification, the Cisco Certified Entry Networking Technician (CCENT), which is a stepping stone to their former first level certification, the Cisco Certified Network Associate (CCNA). They also launched a line of certifications for data center professionals and revamped the CCNA and CCDP exams and two new security certifications, Cisco Network Admission Control Specialist and Cisco IOS Security Specialist.
Sun Microsystems launched certifications for its latest platform versions, including Sun Certified Programmer for the Java Platform (SCJP), Standard Edition 6 and Sun Certified Systems Administrator for Sun Cluster 3.2 Software.
CompTIA launched Convergence+ and PDI+ (printing and document imaging), Lotus released Domino 8 developer exams, Cognos completely revamped its program, the Linux Professional Institute (LPI) finally activated its LPIC level 3 certification, SANS created the GIAC Secure Software Programmer (GSSP), and IBM and Nortel kept up a continual roll out of exams tied to new product releases. Numerous other vendors added or updated certifications this year or launched entirely new programs.
Most Notable New Certification
A tip of the hat goes to the folks over at SANS Institute for their new certification, GIAC Secure Software Programmer (GSSP). The certification itself is a solid one, addressing the critical skill area of secure coding practices and identifying developers who know how protect against application vulnerabilities. It is offered in specialties tied to particular languages such as C, Java, PHP, PERL, and others. The sharp way the GSSP fills a marketplace credentialing need is only half of the story; an equally admirable accomplishment is how SANS is going about the testing itself.
Bucking the trend of other certification exams out there, GSSP testing provides a service beyond simple pass/fail reporting, it provides detailed feedback on how the candidate performed on various objectives covered by the test. Each score report identifies individual strengths and weaknesses, reporting on how the candidate scored in each area in relation to the best possible score as well as the average score for each task area. You can view a
sample score report on the SANS Web site.
This is a real service and which should be emulated by other certification vendors, putting the emphasis on skills improvement as well as on skill confirmation. Some of the original certification programs used to provide such feedback, if not in as much detail, but this has largely fallen by the wayside due to security concerns and other issues. CompTIA has been one of the few to keep up a version of this over time, and the SANS Institute has brought it back in a big way. Let's hope that other certification vendors will consider doing the same, or even something better.
Trends in Certification Testing
From the test distribution standpoint, several things of note happened in 2007. First, exam security continues to be an issue of concern. Maintaining the integrity of the testing process is key to protecting the value of certification. In the past, tactics such as exposing candidates to a limited pool of questions, policing so called braindump sites, requiring photo IDs, and physical test center security have all been employed without complete success. Just this December, however, Cisco Systems announced that it will be introducing several innovations in the coming year to further combat exam fraud. These will include collecting digital photos and digital signatures of all test takers to further ensure the candidate's identity. This is likely a first step toward using biometrics to confirm identity, not just with computer certification testing, but with other professional testing programs as well.
Perhaps also in response to security concerns, several vendors who have utilized online testing in the past have switched over exclusively to proctored testing. This includes SANS Institute's Global Information Assurance Certification (GIAC) program, which has been employing online testing for many years.
Secondly, there have been several developments related to the testing networks themselves. Instead of using both of the major testing networks, Prometric and Pearson VUE as they have for many years, Microsoft and Cisco each announced a move to test exclusively through a single test provider. Interestingly, they made opposite choices, both announced at virtually the same time, with Microsoft contracting with Prometric and Cisco with Pearson VUE. Since both of these offer robust testing networks worldwide, this should not significantly affect certification candidates. It does show, however, that both of them offer the necessary worldwide reach, and it is no longer necessary to test through both in order to ensure test availability. Other certification vendors may well make a similar move in the coming year, leading to even stiffer competition than usual between Prometric and Pearson VUE, which could work out well for certification vendors. Prometric, by the way, has been spun off from The Thomson Corporation, and is now a wholly owned subsidiary of Educational Testing Service (ETS).
As far as the cost of certification exams, always of importance to certification candidates, the price of most of SAS Institute's exam rose from $150 to $180, and Planet3 Wireless boosted their Certified Wireless Security Professional (CWSP) fee from $175 to $255, and CompTIA prices seem to have edged upward; otherwise, exam fees remained relatively stable throughout 2007.
It's no secret that computer certification has been suffering through a bit of the doldrums in recent years, still serving a useful purpose but fading slowly farther from the star status among IT professionals and employers that it originally held. Rather than simply observing this trend, this year certification vendors seem to have decided it's time to address the perceived diminishing value of certification head on and act to reverse it.
Just this November it was announced that Hewlett-Packard, IBM, Microsoft, Novell and Sun, CompTIA, and LPI (Linux Professional Institute), along with testing network providers Prometric and VUE and the Kaplan education company, have joined forces to create an Information Technology Certification Council (ITCC). The ITCC has the goal of driving the value of certification by addressing topics such as exam security, perceptions versus realities of IT certification value, return on investment, and training to testing ratios. The plan is to do this by targeting both employers and certification candidates. If this goes beyond the organizational stage, the combined might of these heavy hitters could be a real force for certification renewal. Individual certification vendors are also increasing general promotional activities for their programs.
The training to testing ratio has long been an issue of concern to certification vendors and is one of the things they are working to improve. Apparently, many IT workers take certification training but never take the exams to obtain the credential. There are probably multiple reasons for this, such as incurring additional expense with no guarantee of passing the exams and a feeling that the certification itself will not offer much additional value. To address the issue of expense, an increasing number of vendors are offering discount programs and free exam retakes. This year Microsoft, Novell, SAS Institute, and Sun Microsystems, among others, all ran free retake promotions.
This is all good, but what, besides generalized promotion and attention to test security, really needs to be done? Whether the value of certification will go up, down, or simply trot along in the future lies squarely in the hands of the certification vendors, who must address two inextricably intertwined tasks, first to create certifications that offer concrete value to IT professionals and then to convince employers that this value exists. A few certifications, such as Cisco's high end Cisco Certified Internetwork Expert (CCIE) designation, have almost always had this winning combination; other certifications, such as Microsoft's Microsoft Certified Systems Engineer (MCSE) and Novell's Certified Novell Engineer (CNE) once had it but have largely lost it.
Recently some of the certification vendors, not just the biggest, seem to have developed a new dedication toward remedying this. This is evident in some of the previously mentioned developments, such as the formation of the ITCC, but how many times have we seen similar promising announcements only to have them fade silently away without ever achieving significant implementation? Hopefully this time will be different. Certainly they must already have a long list of plans, but they, as well as individual certification vendors, might also want to consider some of the following steps:
Provide concrete incentives of some kind beyond current marketplace forces. This may seem superficial, but the market can be slow to respond and sometimes needs an extra push, even if a somewhat contrived one. These incentives should be career related, i.e., not trips and merchandise, because people don't commit to time consuming and difficult tasks like training and testing in order to obtain a personal material reward, unless it's more money. Exactly what these incentives might be should be ascertained through careful research (see next item). Perhaps it would include regular access to free or inexpensive professional advancement or training opportunities, significant discounts on products or technical support to employers, or something entirely new. Certainly some of these incentives exist already, but they need to be bigger, better, and more widely promoted so that everyone knows about them and they become a driving reason rather than a nice aside.
- Perform some heavy focus group activities with IT professionals to find out, if a certification were developed from scratch, exactly what they would want and expect it to do for them. Often such information is attempted to be gathered from test takers, but those are people who already chose certification. They will have good input, but the people who are not choosing certification need to be tapped as well. Rather than each vendor attempting this independently, pooling resources and quarterbacking via an organization such as the ITCC can make this much more possible.
- Renew activities to demonstrate to employers that certification is good for business and isn't just a way for their employees to buff up their resumes. Already studies have been done showing increased ROI and so forth when employees are certified, but many of these are years old. Also, specific incentives such as those mentioned in the first item but from the employers perspective should not be overlooked.
- Continue to defend the integrity of certification through exam security.
- Continue with testing deals and promotions to bridge that gap between training and testing and pursue ways to get individuals to take that first certification exam.
If 2007 was a year where certification vendors began showing increased commitment to building their certification programs, then 2008 needs to be the year where IT professionals and their employers are wooed back into the fold of computer certification in large numbers. This is most likely to happen by evolving certifications to the next level rather than solely by pushing what already exists. The SANS Institute has some good ideas for using certification exams to identify and measure improvement in skills on top of offering a credential, which would benefit both employers and employees. More ideas like this need to be developed. At times it seems like certification vendors are so focused on keeping a tight grip of control on their certification programs that the desires of the IT professional get lost in the shuffle, but this is something that needs to change. In 2008, innovation is in order, and it is time for computer certification to evolve to the next level.
http://gocertify.com/article/certification2007-4.shtml
