A fear of job losses and offshoring are just two reasons why IT professionals are embracing the multitude of certifications currently on offer. Certification options are increasing and so too is the level of interest.
Gartner research director Steve Bittinger said with many IT professionals living in fear of losing their job to outsourcing, the drive for gaining certifications is getting much stronger.
"My personal impression is the forces of globalization and outsourcing are stronger now than they have ever been, and plenty of organizations are deciding on offshoring, so one of the things IT managers are trying to do now is demonstrate that their people and their skills are up to scratch," Bittinger said.
"Over the last few years we've seen an emphasis on security certification and ITIL certification, so it operates at the individual level and the organizational level.
"People are thinking if they get certified, then there's much less of a chance of their role being outsourced. It's a way of fighting back against these forces."
But Bittinger doesn't think such a great emphasis should be placed on gaining certifications, claiming it's often not what employers are looking for. "Certifications measure explicit knowledge and skills, but there's a lot of tacit knowledge to be gained out there and businesses and employers know that," Bittinger said.
"Certifications are a good thing but they are not the only thing; you still need a lot of real-world experience, and in many cases, coaching, mentoring and a whole lot of experience is a lot more attractive to a potential employer."
But if you are considering pursuing a certification, which one is the right one?
"There are certain skills and competencies you have to keep within your organization, like managing outsourcers, security, architecture and to some extent the interface between business and IT," Bittinger said.
"Many of these certification courses are tightly focused; some businesses set themselves an organizational goal, usually in security, project management and ITIL."
Novell's worldwide vice president of training services, Dan Veitkus, knows all this when it comes to training and certifications, leading a team of performance consultants, instructional designers, courseware developers, technical writers, technical engineers and certified trainers. And what Veitkus is seeing round the world when it comes to certification, is clients now want to measure competency far more rigorously than before.
"In the area of certification, there is an increase in testing and competency-based initiatives, and performance-based exams," Veitkus said. "Our customers have asked us to measure competency, instead of examining knowledge and skills, so we are answering this by changing the way we measure and deliver certifications."
This is evident in Novell's hands-on, Web-based exam Practicum, which the company uses to award its certified Linux engineer qualification. The exam tests practical skills in a variety of areas, including installing Linux servers in a network environment, managing users and groups and troubleshooting network processes and services. The exam is accessed via a Web browser.
"Not only is there a demand in Australia for this sort of certification, it's all over the world," Veitkus said.
"What's different about our strategy is we have embraced performance-based exams through our channel partners and our partners have the ability to offer everything. The demand warrants this.
"Novell has declared a commitment to Linux and open source as well as identity management and services and this strategy hasn't changed in the last two years. We've retooled the offering we have, and our push is mainly behind open source and identity management."
Certifications are certainly still popular in Australia, with Veitkus seeing more money being shifted into the planning and design of training; however, he warns that the industry will continue to grow and change.
"I think we're going to see a couple of things. There will be a consolidation of mass-appeal certification programs and the birth of customized certification programs for different companies," Veitkus said.
"I also think we will see growth in the health and financial services sector, and while security is not going to go away, specific security around identity management will continue to explode in importance and demand."
Bridge Point Communications director of security practice group Tim Smith claims that organizations of all types and sizes are interested in certification, though some sectors may display more interest than others.
"Bridge Point has noted that financial institutions, the health sector and government have been at the forefront of understanding the benefits of certification as well as the security consultants and vendors that service these sectors," Smith said.
Smith's company is the education affiliate of ISC2, an organization which provides certifications for information security professionals, including certified information systems security professional (CISSP), systems security certified practitioner (SSCP), as well as the CISSP information systems security engineering professional, architecture professional and management professional certifications.
Bridge Point runs the CISSP courses and tests on behalf of ISC2 in Australia.
"There are an increasing number of organizations and individuals in Australia that have become more aware of and interested in the CISSP certification," Smith said.
"Since the first examination in Australia in 2002, Bridge Point has noticed a marked increase in the awareness and requirement for an internationally recognized certification in Australia and we now have attendees from both individuals and employers on our CISSP Review Seminars and examinations.
"The importance of the certification is also demonstrated by the number of individuals now certified in Australia; there were 244 CISSPs in August 2003, 420 CISSPs by September 2004 and as of June 2005, there are 546 CISSPs in Australia. The growth rate over the last year is 30 percent."
However, Smith claims that certifications will have to evolve, as industries, like the information security industry, matures and changes. "Any certification needs to move with the changes in the industry," Smith said.
"Certifications will continue to grow in popularity, particularly as the security industry matures and employers need a degree of comfort that an individual has a holistic view of security.
"As the industry moves forward, we will see an increase in specializations such as computer forensics and security architecture design." Smith said vulnerability and penetration testing, while not a certificate program, is high up the list of must-do courses.
"Many people take the course so they can boost their own defences; they want to find out what hackers know," Smith said. He said developers also are taking courses in security measures to help them write more secure code.
While IT professionals are security-aware, the same does not necessarily apply to the rest of an organization, Smith said. Bridge Point has structured courses that companies can use as induction or staff training to introduce security matters to general staff from base level to managerial level, Smith said.
Meng Chow Kang, chief security & privacy advisor, Microsoft Operations in Singapore, said security-certified IT professionals will have an edge over non-certified professionals in many areas where security needs are now being recognized as fundamentals to their business enablement. "For developers, it would be an edge in developing secure products; services professionals will have an edge in evaluating security needs and delivering security-enabled services.
"IT professionals who are not security certified will face challenges gaining recognition for their skills. Employers will also be more confident of delivering better security-enabled products and services when CISSP-certified professionals are in their staff," Kang said.
Melbourne-based IT specialist Maxxam Computer Systems is one company that got serious about certifications, and says it was the first organization in Australia to be awarded BS15000/AS8018 certification for IT service management, based on ITIL.
Brad Krauskopf, Maxxam CEO, said gaining the certification shows customers that his organization is "an improved, more accountable service at a reduced cost and risk, delivered by a partner committed to continuous improvement and industry best practice".
"As a specialist IT service provider, we saw the obvious business benefits and competitive advantage of attaining AS8018," Krauskopf said. "However, the real benefits of AS8018 have been realized within our own organization. Maxxam's vision and team has been re-aligned by AS8018 and ITIL to become more service-focused, customer-centric and process-orientated."
But while Maxxam chief information officer Dan Alexie is pleased at gaining the certification, he warns that it was a hard process. "It's amazing what you find when you take a long hard, critical look at the way you do things," Alexie said.
Maxxam was coached through AS8018 by Itilics, a service management organization servicing the Asia-Pacific region.
While Itilics service management and AS8018 consultant Ed Broome is the first to shout the benefits of ITIL, he agrees that gaining the certification can be a difficult journey. "AS8018 isn't something someone else can do for you, it's your challenge," Broome said.
"Itilics can guide and coach, but you have to put the work in and Maxxam did just that and got their reward."
Broome claims that although Maxxam was the first to receive this certification, many more Australian organizations are realizing the benefits of being certified with ITIL.
"Maxxam is a good example of an organization that benefits from this sort of certification, because it is an outsourcer, so it's of real value and [gives the company] a competitive advantage," Broome said.