Go Global: IT Certifications Need International Focus
When an IT security manager based in Belgium is called on to advise the CFO working from the home office in Hong Kong, more than a common spoken language is needed to gain the trust and respect required to move the project forward. The same goes for the IT business consultant jetting from a manufacturing client in Australia to a banking client in Brazil.
Many factors contribute to a professional’s reputation, including education, previous employment, accomplishments and awards. A key tool in establishing expertise and value is holding a certification that is recognized worldwide. Certifications show that the professionals holding them have the knowledge, commitment and discipline to achieve specially defined standards and keep their expertise up-to-date. Some of the leading international IT designations include the Information Systems Audit and Control Association’s (ISACA) Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications, SANS’ Global Information Assurance Certification (GIAC), CompTIA’s Security+, the Microsoft Security Systems Engineer (MCSE), the Association of Certified Fraud Examiners’ Certified Fraud Examiner (CFE) credential, the International Information Systems Security Certification Consortium’s (ISC)2 Certified Information Systems Security Professional (CISSP), the Project Management Professional (PMP) from the Project Management Institute (PMI) and the Certified Business Continuity Professional (CBCP) from DRI International.
“The business market has become truly global. Management and control over IT transcend geography, and as a result certifications that are internationally recognized are critical to ensure a consistent approach, background and skill set,” said Marios Damianides, CISA, CISM, CPA, CA, partner, Ernst & Young LLP. “Many requests for proposals (RFPs) we receive ask how many of our people have certifications and what they are. Since our clients have offices around the world, certifications that are respected by our international client base have an added value, and we encourage our staff to attain them.”
Employers frequently list well-known certifications in their job descriptions, and as a result recruiters often advise prospective job candidates to emphasize their certifications as a way of reinforcing their expertise. Even the major career Web sites, such as Monster.com, are very likely to specify particular certifications as a base requirement for jobs. Since these recruiters and Web sites are drawing candidates from around the world, the internationally known designations add significant value to a candidate’s resume.
Open systems, global trading partners and increased legislation have all impacted how today’s executives perceive the IT structure. Organizations around the world are implementing increasingly complex IT systems and facing continually evolving security threats. As the integrity and reliability of information and IT systems have become critical to an enterprise’s success, senior-level IT managers have needed to be as attuned to business issues as they are to technical issues. Today’s senior IT manager must be a hybrid with both business and IT knowledge and skills. As a result, one of the most active sectors for certification growth around the world is technology management.
Organizations around the world are implementing increasingly complex IT systems and facing continually evolving security threats, so executives need to know that those in charge of the systems possess the expertise for effective management and consulting. It isn’t enough for IT managers to be technically proficient any more. They must add management skills that enable them to align IT with overall business objectives and applicable laws and regulations.
One certification introduced recently to meet the need for higher-level business-IT expertise crossover is the CISM, which was developed for professionals who manage, design, oversee and assess an enterprise’s information security. CISM is a business-oriented designation offered by ISACA, an international association with more than 29,000 members in more than 100 countries. Individuals who have attained CISM have the ability to manage an organization’s information security and possess the knowledge and experience to set up, implement and direct a security structure to manage risk effectively.
“The CISM certification addresses a lot of what employers are telling us they are looking for in senior security managers,” said David Foote, president and chief research officer, Foote Partners, an IT workforce research firm and management consultancy. “Sarbanes-Oxley, new state-level information security laws and similar regulation around the world will continue to focus more attention on infosec governance, enterprise program management and global security strategies. Enterprises need more individuals who have the expertise contained in the CISM job domains.”
The flow of IT jobs to countries outside an enterprise’s headquarters’ country is also creating an increased interest in global certifications. When companies evaluate IT resources based in another country, they qualify workers at potential outsource firms the same way as in their home country—degrees, certification, years of experience and specialties, according to Foote Partners research.
“Certifications have always existed as a way to compare and contrast people,” said Foote. “They help companies ensure that employees’ skills, experience, ethics and principles are at an appropriate level for their needs. Plus, they help ensure that consistent standards and specifications are applied across the globe.”
Foote Partners research shows that certification has become a way for qualified employees to differentiate themselves in popular offshore outsourcing talent pools located in India and the Philippines. Emerging areas where certification will likely become more aggressively pursued include China, Brazil, Mexico and Argentina. In addition, the Foote Partners research indicates that there is untapped talent and economic leverage in the near term and the long term in Russia, Slovakia, Slovenia, Hungary, Ukraine, Estonia, Poland and the Czech Republic.
“It is clear that India and China offer high-growth opportunities because certification supports the growing need in those areas for skilled information and communication technology workers,” said Kris Madura, MBA, certification program manager, CompTIA Security+. “Other countries, including Japan, Korea, Singapore and Malaysia, have similar needs. In fact, CompTIA is in the process of localizing Security+ for the Japan market. While North America and Europe are more mature markets, the demand for educated, trained, certified and experienced personnel will continue to remain high among all geographic areas.”
Continuing Education Is Key
One hallmark of a top-level global IT certification is a stringent continuing-education policy to make sure professionals remain up-to-date on international advances in technology and their fields. Continued effort and knowledge advancement on the part of the professional is required to ensure that practices and skills are standardized across different cultures, languages and industries.
“Everybody wins with the continuing education required to maintain global certifications. Employees earn higher respect from their employers, and the employers gain assurance that their staff has the latest practical knowledge to assess technology risk and control,” said T.R. Venkateswaran, CISA, CAIIB, senior manager of information security, information technology division, head office, Punjab National Bank, India. “In India, the Certified Information Systems Auditor (CISA) designation is recognized as one of the most respectable qualifications in the banking information technology field. It is also one of the most des