The ITCC has a message: Better test security benefits everybody

Posted on
Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

This feature first appeared in the Fall 2015 issue of Certification Magazine. Click here to get your own print or digital copy.

Test security is a vitally important topic in certification.With this issue of Certification Magazine having a focus on IT security and security certifications, it seems appropriate to share some thoughts on he challenges and initiatives around securing the certifications themselves.

Certifications are important in our industry, as they are used to validate the skills of those professionals who are involved in all aspects of IT — development, sales, deployment, support and more. IT certifications have value in many different ways. Assuring that only skilled and qualified individuals receive the certification is one important way to protect the value of those certifications.

The Securing Certification initiative of the IT Certification Council (ITCC) is focused on discussing and developing ways of protecting the integrity of the testing process. We wat to ensure that only qualified candidates are awarded certifications.

The Importance of Certification Test Security

The importance of securing the certification process and exams differs slightly by audience. Let’s take a quick look at the most important considerations for each group:

The Candidate: The honest, dedicated IT professional spends long hours building skills by learning and working with the offering, and in preparing for the certification exam. They take the exam to validate those skills as part of their personal growth, and to represent their dedication through the awarded credential.

Certification helps successful exam candidates compete in the marketplace. It can help them compete for a business opportunity, either for themselves or for their company. It can help them compete for a job, through inclusion in their resume, or for a promotion or salary increase within their company. It can help them provide better service to a customer.

That the certification is perceived as being valid and of value to the customer, the company, or the hiring manager is of paramount importance to the candidate, and is the reason many put in the time and effort to achieve it.

The Hiring Manager: Certifications have long been one of the criteria evaluated by hiring managers in seeking the best candidate for a given job. Trust in the value and validity of the certification — and in the skills it represents — is critical to any managers weighing IT credentials appropriately when making a hiring decision.

The IT Vendor: IT companies that develop and offer products and services in the marketplace use certifications to identify a set of professionals (and firms) that are known to be skilled in their offerings. If there are breaches in test security, then the vendor is unsure of the quality of their “skilled” population, and of the success their offering will have in the market.

Non-qualified individuals with unearned certifications will likely lead to customer dissatisfaction and critical situations with the vendor’s offerings. That could cause a possible loss of competitive edge for their products or services.

Certification test security is all about finding ways to protect the value of the certification for the candidate, the hiring manager, and the vendor or organization who administers a given credential.

What is the ITCC doing about Certification Test Security?

The Securing Certifications initiative was launched by the ITCC about seven years ago. By bringing together a handful of the test security leads at top IT companies, we have taken several important steps to address the challenge of increasing the security of certification exams in the industry. Those steps are documented in greater detail at the ITCC site. Some of the specific actions being taken include:

Collaboration among Industry Leaders: Each of us face different challenges around securing our certifications, but we also face some common issues. By sharing ideas, company actions and “best practices,” we can each accelerate the real steps we take in our individual certification programs.

Communication and Messaging: If our programs identify and ban individuals caught in non-independent test taking (NITT), we clearly send a message to those 50, 100, or 500 candidates. By developing our messaging around our ability to identify and take hard action against NITT candidates, however, we can reach many hundreds of thousands of test takers — making it clear what we are capable of detecting, and the actions being taken. The intent is to make clear the risk and severe consequences of trying to achieve a certification through NITT.

Education of Exam Candidates: Along with the messaging on detection and consequences, we have written several white papers intended to educate exam candidates who are not yet aware of the inappropriate actions on their part that can lead to NITT, as well as penalties.


Regardless of the role you play in the certification cycle — candidate, hiring manager, or certification curator — this issue is very real. Securing our industry certifications is a never-ending challenge, and initiatives such as those by the ITCC are critical in maintaining the trust we all place in each certification and every certified individual.


Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
Chuck Cooper


Chuck Cooper direct the ITCC Securing Certification initiative. Chuck works for IBM, and has been in the IT industry in development, marketing, training and certification for 46 years, including the last 10 as Program Director, IBM Professional Certification Program.

Posted in Opinion|


Leave a comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>