I've always questioned the value of professional IT certifications, and more so the desire of Corporate America to base hiring decisions on a prospective candidate having such things listed on their resume. This article, from CIO Magazine, restates my concerns about this industry practice. While Schrage's comments are aimed at the IT certifications in general, his underlying thoughts echo my ongoing sentiments on this topic as pertain to the IT security arena. (Incidentally, the best internet security experts I know of - and trust - do NOT hold certificates.)
See also "Certifiably Certified" - my 2002 column on the dubious value of certifications in the information security industry. Column is available at: http://www.securityfocus.com/columnists/118 -rick Infowarrior.org Hiding Behind Certification An overreliance on IT sheepskins is a recipe for disaster. http://www.cio.com/archive/061504/itwork.html?printversion=yes PROFESSIONAL CIRCUMSTANCES have twice required me to become an "instant expert" on certification. The first time involved grasping the byzantine ins and outs of health-care plan accreditation. The second time required understanding the politics (and economics) of how different universities granted diplomas and certificates for their business, technical and professional extension courses. I learned far more than I bargained for. Both experiences recalled Bismarck's famous epigram that one should never see either laws or sausage being made. I was shocked. Professional certification and accreditation turned out to be processes as messy, political, misleading and dysfunctional as most enterprise software development and implementation initiatives. The critical difference, of course, is that testing software quality is easier and less ambiguous than testing the quality of a certification. That's why I've been struck by the seemingly pathological need so many CIOs have for the certification of skills and accreditation of organizational performance. I find this craving misguided and pathetic. What does it really say when someone is Microsoft certified? Or has a certificate in "network engineering" from a quality university? Or if a development organization has a Capability Maturity Model Level 3 rating? Or is ISO 9000 compliant? In many respects, these questions are as pointless and silly as asking, what does it mean to graduate summa cum laude from Harvard in English? Or, how good a lawyer will you be if you performed brilliantly on the multistate bar exam? Or, to be a total jerk about it, how superior an executive would you be if you had an MBA from a top-20 school? < snip > http://www.cio.com/archive/061504/itwork.html?printversion=yes -- You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
