eChallenges e-2011 Conference Proceedings Paul Cunningham and Miriam Cunningham (Eds)
IIMC International Information Management Corporation, 2011 ISBN: 978-1-905824-27-4
ICT Certification in Action: Positioning Methodology of e-Certs against e-CF
Peter WEISS1, John O’SULLIVAN2, George SHARKOV3
1FZI Research Centre of Information Technologies, Haid-und-Neu-Straße 10-14, 76131 Karlsruhe, Germany, Tel: +49 721 9654 604, Email: [email protected]
2Thames Communication, 119 The Avenue, Sunbury-on-Thames, Middlesex TW16 5EQ, UK Tel: +44 1932 761471, Email: [email protected]
3ESI Center Bulgaria, Business Park Sofia, Mladost 4, 1766 Sofia, Bulgaria Tel: +359 2 489 9740, Email: [email protected]
Abstract: The paper presents research concerning positioning of ICT Certifications against the European e-Competence Framework (e-CF). The research aims at evaluation and trial of possibilities and options to implement a methodology for positioning ICT certifications onto the e-CF and the European Qualifications Framework (EQF). Since 2004, the CEN initiative and project “ICT Certification in Europe” has been working closely with industry stakeholders and ICT vendors such as Cisco, Microsoft, LPI, EXIN, etc. as well as with IT Professionals associations as CompTIA, CEPIS, IEEE, etc and other standardisation endeavours such as Learning Technologies under the umbrella of CEN or [15]. Results of analysis of the CompTIA Roadmap are presented including 74 of some of most prominent certifications offered on the market. The roadmap intends to offer guidance to learners through offering career paths for typical IT professions such as e.g. Security Specialist or Network Administrator. The paper explains background and details of applied methodology for the analysis and presents some results.
1. Introduction
The new CEN Workshop Agreement (CWA) ICT Certification in Europe [2] proposes a methodology to position certifications against the European e-Competence Framework (e- CF). Currently, a joint working group initiated and co-ordinated by the CEN project team is working on an appropriate positioning technique. The team members are invited experts from major ICT certification vendor organisations such as CompTIA, Microsoft, Cisco, Cert-IT, LPI, EXIN [1]. The aim of the working group is to exchange information about current state of play as well as future trends and developments on the training and certification market. The working group looks at how most popular certifications may be classified and organised based on competence descriptions and levels in conformity with the e-CF. Major result will be a validation and further development of CompTIA’s Certification Roadmap [7, 8]. This activity is currently being challenged by the need to respect the global reach and strategy of major ICT certifications [20] which are contrasting the actual needs and peculiarities of the national/ local markets. The e-CF relates some of its foundational concepts such as “level descriptions”, competence, skills and knowledge definitions on the European Qualification Framework (EQF). Preliminary results of the new CWA are presented and discussed mainly based on [1]. The paper is organised as follows:
first the objectives and background of this research is explained, before the methodology and approach is described. After having presented the three elementary information models of chosen analysis approach, in a next step results yielding from the analysis of CompTIA’s Certification Roadmap are presented. Finally, how the positioning of ICT certification against the e-CF can be realized using three dimensions (level, credits and experience) is
looked at. After having discussed business benefits and current developments, the paper summarises major points and concludes with made achievements and next steps to be taken in near future.
2. Objectives
The ICT Certification in Action, a current initiative run under the umbrella of the CEN Workshop on ICT Skills, works closely with major certification vendors such as CompTIA, Microsoft and Cisco. The research aims at evaluation and trial of the possibilities and options to implement a methodology for positioning ICT certifications onto the e- Competence Framework (e-CF) and the European Qualifications Framework (EQF). Due to given restrictions of space, it is not possible and intended to repeat all available results yielding from recent and past research activities and studies on the addressed subject. To get acquainted with recent results and developments it is recommended to consult [1, 2, 3, 7, 8, 18, 19, 20]. The starting point and first important step of the presented research is the analysis and evolution of the CompTIA navigation chart [8] which includes some 74 of most prominent certifications of major certification providers and vendors available on the market. The results show that Microsoft offers in total 22 certifications, CompTIA 13, Cisco 9, Sun 4 and IPMA 4. Further, offerings can categorised by certification or learning level (applying CompTIA’s certification levels (5 in total ranging from beginner (1) to specialist (5)). The corresponding certification database of CompTIA [8] lists over 250 certifications which can be queried and sorted by vendor, skill category, job title1. The navigation map is a remarkable attempt to offer guidance and better transparency for learners and trainers on the certification market. The map can be seen as valuable outcome of a remarkable joint initiative and effort which yielded from willingness of a group formed by some of the leading global certification vendors and providers such as CompTIA, Cisco, Microsoft, Oracle, LPI, etc to co-operate. Recognition of certification offerings and programmes has considerably increased in priority on the task list of certification vendors and providers.
Figure 1 shows the number of certifications sorted by certification profile or career path.
As an example, security specialist is covered mainly by Microsoft, Cisco, CompTIA, LPI, Citrix, Novell/Suse, Red Hat. Especially, recognition through state-recognised qualification institutions such as universities, vocational training institutions is what vendors are looking for. Thus, coalescing of the parallel universes as the situation has been described by many authors gains momentum [1,2]. Vendors are more and more open to get the quality and contents of their offerings officially acknowledged and recognised. For this purpose, vendors are voluntarily going through accreditation procedures which aim at acknowledging spent learning time (credits) and/or referencing qualification levels (e.g.
EQF-levels or levels of national qualification frameworks). While above mentioned activities aim primarily at recognition through the national qualification systems, another emerging trend is to refer to competence levels as defined through the e-CF. Qualification levels refer to the training and qualification systems, in contrast competence levels create direct links to the working context of IT professionals and describe expected behaviour, decision-making and leadership-capabilities to be demonstrated through experience and expected outcome of professional action and activities.
1 In addition there is offered to sort by „Government Compliance” which does not contain any content. For further information please consult [7].
0 1 1 2 2 3 3 4 4 5 5
Microsoft Cisco
CompTIA
LPI
Citrix
Novell/Suse
Red Hat Sun
Oracle EXIN/ITIL PMI IPMA
OGC Certiport
ECDL‐F
# Certs per Profile
IT Project Manager IT user Software Architect Service + Help desk technician Database administrator Network administrator Security Specialist Network analyst Trainer
Figure 1: Number of Certifications per Profile
The e-CF refers to EQF-levels thus a link is created between two often completely separated environments: training/ qualification system and the working context. For example, in Ireland Microsoft certifications passed successfully formal accreditation procedures based on EQF and assignment of respective credits according to ECTS to achieve mutual recognition by the national qualification system.
This proposes to take on board experiences learned and best practices from this activity in order to develop a European model for ICT certification schemes. Factors involved in mutual recognition are:
• level (complexity), as defined by the European e-Competence Framework (e-CF) and certification levels or ladders
• hours (credits): for spent learning time, as defined by ECTS;
• work experience: e.g. as an entry requirement to certain qualifications.
In the remainder it is put in particular emphasis on level and hours to position ICT certification offerings on the CompTIA Roadmap.
3. Methodology
Three information models were analysed using UML class diagrams with the aim to identify common concepts and possible cross-references between the different systems.
Detailed analysis of the three models reveals that systems differ concerning semantics and terminology of applied concepts. Scratching at the surface this seems to be of no concern.
However, on the level of more detailed analysis (as required for the positioning and accreditation of offerings) ambiguity of terms turns out to cause problems. As an example the term “level” has different meaning in context of the e-CF and competence than it has in context of training, qualification as well as ICT certification systems. Displayed class diagrams show what information is generally available to be used for positioning of e-Certs (in this paper used as abbreviation for e-Certification or ICT Certification) against the e-CF.
Figure 2 below describes the structural dimension of the underlying information model
“ICT Certification” highlighting applied concepts and existing relationships between identified concepts in the application domain. The class diagram (notated in UML2 2.0) displays derived concepts to be applied for the analysis of the CompTIA Roadmap. Shown
2 Unified Modeling Language.
concepts were derived from applied concepts by the CompTIA Roadmap and selected concepts taken from the e-CF which show relevance for the analysis task.
Figure 2: Excerpt of General Information Model of ICT Certification
Central concepts of displayed general information model are certification, competence and training. Around these three central concepts further concepts can be identified which have different types of relationships (“associations”) with central or other concepts. Profile, cert_ladder and skill_category are related to certification through aggregation or “part of”
relationship each. Certification is based on these elements. Cert_ladder again can be related to cert_level through composition or “existence-dependent part” relationship, which underlines that cert_level can only exist as part of cert_ladder. The second information model shows an excerpt of the information model of e-CF notated as UML class diagram.
The diagram yielded as result of a structural analysis identifying applied concepts and existing relationships between those concepts. The third information model to be looked at in context of positioning certifications against the e-CF yielded from an analysis of CompTIA’s TechCareer Compass [7,8]. This model highlights which information can be queried from the database of TechCareer Compass. Certifications possess a title as attribute.
Certifications registered in the database can be sorted by job title, career path, skill category and vendor. Information models in combination provide necessary basis for structured analysis of CompTIA’s Roadmap. Our research aims at identifying and highlighting existing relationships and reference points. Positioning certifications against the e-CF necessitates looking for appropriate concepts, which allow to link information available. As already argued, level, experience and learning time constitute foundational concepts which need to be compared and looked at in greater detail. In this way it is possible to judge what an offering delivers, at what level and what learning time need to be assigned. This constitutes the basis for awarding credits and achieving mutual recognition of certification offerings on the market. Next section presents results of analysis of CompTIA’s Roadmap applying introduced information models.
4. Analysis of CompTIA’s Roadmap
The CWA [2] recommended the redevelopment of this diagram, but using the proficiency levels and competence areas of the e-CF. As a demonstration, the workshop has considered 74 and partially positioned seven certifications from four vendors against CompTIA, e-CF,
EQF and SFIA levels (see Table 1). IT Security Professional serves as an example to demonstrate applied methodology and approach.
Profile/ Career Path Certification Title
Code of Group/
Path Vendor CompTIA
CompTIA (Coding) Cisco
Cisco
(Coding) e‐CF EQF SFIA
Security Professionals Secu
Se
CCIE 7 Cisco Expert 5 Expert 5 4 7 5‐6
CCIA 7 Citrix Expert 5 Architect 6 4 7 5‐6
CompTIA Security+ 7 CompTIA Specialist 4 Expert 5 3 6 4‐5
MCSE Security 7 Microsoft Specialist 4 Expert 3 6 4‐5
CCSP 7 Cisco Specialist
5
4 Professional 4 3 6 4‐5
MCTS 7 Microsoft Intermediate 2 Associate 3 2 5 3‐4
MTA 7 Microsoft Beginner 1 Entry 2 0 2 1‐2
Security Specialist
Table 1: Positioning Security Specialist and Certification Titles against e-CF
Certifications are linked to organizational context through respective job titles or job roles (see Figure 2). For a certification offering in general a variety of job titles can be applied (see Table 1). In this way the project is able to contribute to the previously launched e-Job Profiles project as well run under the umbrella of the CEN workshop. This list of
“typical” job titles or roles within organizations is preferred by certification vendors to position their offerings. Job titles are not to be confused with certification titles. Typically, companies or learners look for job titles that are relevant to them or are corresponding with job roles and profiles described within a company. e-Job profiles need to be kept on high aggregation level. Thus, they can be seen as classification system for existing job roles and titles in industry. IT security professionals as an example have in practice many distinct specializations and shapes (based on acquired and certified skills and knowledge). Based on competence area and descriptions (e.g. level descriptions) no distinction can be made (see Table 2). IT security is a field which shows relevance to many IT job roles and competences as related basic competence and mastery of IT security foundations are required in many competence areas of an IT company or IT user industry.
5. Positioning of Certs with e-CF
The paper presents foundations for a methodology to compare different offerings and to offer common reference points in order to provide guidance for learners to navigate on the market. The paper looks at requirements and clarifies a possible way forward, with concrete recommendations as to how this might be achieved based on previous work such as [3]. The latter looked at how to align certification schemes using e-CF proficiency levels (e-CF dimension 3).
(e‐CF,
Dimension 2) Coding Competence Description e‐CF Level Range
Security Professionals
Security Specialist 1 2 3 4 5
A5 5 Architecture Design 1 1 3,4
D1 18 Information Security Strategy Development 1 1 4,5
E8 35 Information Security Management 1 1 1 2,3,4
D8 25 Contract Management 1 1 1 2,3,4
E3 30 Risk Management 1 1 1 2,3,4
e‐CF Level Range
Table 2: Security Specialist: e-CF Competence Description and e-CF Level Range
Five distinct levels of proficiency are defined: (1) associate, (2) professional, (3) senior professional/manager, (4) lead professional/senior manager, (5) principal. At this level, competence descriptions from e-CF dimension 2 (competence titles and generic descriptions) are further specified and combined with individual performance definitions.
The e-CF was introduced to the IT vendors, who were not familiar with contents of the
framework. For the project, the e-CF levels are being looked into with the aim to classify personal certifications according to e-CF levels. The analysis revealed that the e-CF levels represent a different view and not what is needed to plan and run training/ certification programs. For this purpose a more detailed view on knowledge and skills is required. Table
an excerpt of a more detailed view on skills to be associated with skill categories.
3 shows
App Applications Hdw Hardware Net Networks
1 CAD 1 Automotive 1 Apache
2 Content Management 2 PC‐Assembly and Configuration 2 Exchange
3 Graphics, layout and illustration 3 PC‐Components (CPU, RAM, Grafic cards) 3 Groupwise 4 Commercial software 4 Other desktops (Apple, ThinClients) 4 Ils
5 Music and Audio 5 Mobile Devices 5 Lotus Domino/Notes
6 0ffice 6 Notebooks 6 Proxy, Squid
7 Video and Animation 7 Displays 7 Samba
8 Webdesign/ Screendesign 8 Periphery (printer, scanner) 8 Sendmail, Exim
9 Other 9 PC‐Server (up to 2 CPUs) 9 Postfix
10 Multiprocessor server and cluster 10 Zope
Lib Libraries 11 lPsec/VPN
1 ABAP/SAP Dev Development 12 lPv6
2 Boost 1 Assembler 13 PPTP
F levels create an an resource planning.
ily different dimensions:
el of detail to plan concrete training and qualification measures and contents be covered.
Table 3: Excerpt of List of Skill Categories and Skills [17]
In this way, competence needs and job roles are connected to training measures and contents. IT certifications are not specified based on competence descriptions. The competence descriptions are too highly aggregated as that they can be used to plan training measures and its contents. For example for the profile “IT Security Professionals” two to three competence areas are of major relevance (concerning the competence described). But the description is kept as highly aggregated as possible to stay applicable in many organizational and application contexts. Next section underlines the link of qualification/
training system and competence framework (e-CF) through dimension 4 (skills and knowledge) as outlined in the e-CF guidelines. Nevertheless, the e-C
important link to organizational strategy and hum
6. Results
Certifications strive for recognition and provide proof to be seen as an integral part of the supply side, as being part of the qualification system supplying the market, besides the traditional ways of qualification such as state-recognised universities and equivalent qualification institutions. Bologna has been placing more emphasis on objectives such as employability and practice-orientation strengthening the concept of competence. The EQF is an important step towards competence-orientation and a clear shift from input-orientation towards output-orientation expressed as “learning outcomes”. The e-CF is a sector-specific adaptation and application of the EQF in the area of ICT. Nevertheless, the methodology to position certifications against the e-CF ought to be kept simple and easy to use, in this section the detail of information available concerning knowledge and skills requirements is analysed in greater detail. Our analysis revealed that competences described in the e-CF on relatively high level can differ significantly concerning skills and knowledge if looked into in greater detail. Results of this research are shown in the tables below. It is difficult to assign competences to certifications. It necessitates to deeper analyse skills and knowledge.
As well it can be observed that design and planning of training contents causes necessar overlapping of skills and knowledge. Required steps to bridge the
1) Competences need to be translated into skills and knowledge.
2) Skills and knowledge than needs to be overviewed and where necessary aggregated or further specialized. Table 4 shows in detail the skills required in network security. This is the required lev
to
Details: Network Security
Dim. Knowledge and Skill Details
Networks (Net) Development (Dev) Operating Systems (OpS)
Net (Networks) PKI/Cryptography Virus protection Code Audits Firewall
IntrusionDelection/ Prevention System IPsec/VPN
Cisco
Storage Networks Web-Application-Testing Dat (Database)
MySQL MSSQL Server
Dev (Development) Java
UML SQL
OpS (Operating Systems) Linux
Android Windows Server
ES (Enterprise Software) Microsoft Dynamics Lib (Libraries) _Net
ABAP/SAP Table 4: Network Security: Knowledge and Skill Details
For example: An IT administrator should have some basic knowledge and skills of information security and modelling but does not necessarily need to develop deeper competence in this area. Related knowledge and skills are assigned to competences that typically are not required by the professional. Thus skills and knowledge are not disjoint and need to be modelled necessarily with occurring redundancy to describe e-CF competences which are aggregating skills and knowledge information on a higher level.
7. Conclusions
Industry-based ICT certifications are still being uncoupled from the traditional qualification systems. Although the importance of lifelong learning increased and the recognition of learning achievements needs to take place more and more independently and often outside of traditional learning arrangements and training institutions. The paper looked at the substrate and foundations of a methodology how certifications might be better integrated into the lifelong learning context and system. The paper looked into how the e-CF can be used as common language achieving better transparency of what is available on the market.
Certifications of CompTIA’s Roadmap were analysed in detail. Available information models were looked at and a blueprint of a technique to position certifications against the e- CF was elaborated. IT certification programs would be able to fill and populate dimension 4 of the e-CF. Knowledge and skills definitions are seen of value, as they complement the existing e-CF competence descriptions through the necessary details to capture what is actually demanded in an occupational role. IT security professionals as an example can have very distinct specializations and fields of activity dependent on the market/ field the company/ enterprise is operating: e.g. network security, embedded systems, cloud computing, data security, web engineering, etc. Dependent on the regarded area, knowledge and skills change considerably. Another view is the technology preference of a company/
enterprise, for example if a company uses Microsoft or Cisco technology and solutions. IT vendors present in the Bonn workshops articulated their preference to use EQF-levels to position their certifications. The project was able to promote the advantages of the e-CF to them and to explain that e-CF levels are in general developed in conformity to EQF levels.
Certification providers are currently working towards formal accreditation of their programs through national accreditation agencies. Outcome of this process is the awarding of “credits” according to ECTS to certification offerings. Credits express the expected learning time of students/ candidates needed to achieve defined levels of competence and learning outcomes. While credits create links to the formal qualification system, the level of
competence point in the direction of employability and HR planning systems. Both views will and need to be considered for further analysis and future developments.
References
[1] CEN (2011). ICT Certification in Action. Project run under the umbrella of CEN Workshop on ICT-Skills.
Interim report. Autors: O’Sullivan, Sharkov, Weiß. Dated 25 February 2011, prepared for approval by DG Enterprise, European Commission. Report circulated to chair, steering committee and members of CEN Workshop plenary.
[2] CEN (2009) CEN Workshop on ICT-Skills. CWA 16052: ICT Certification in Europe. CEN Workshop Agreement, November 2009. Retrieved 20 May 2011 from http://www.ict-certification-in- europe.eu/index.php?option=com_docman&task=doc_download&gid=42&Itemid=29.
[3] I-PROF (2009). Weiß, P. Common Language to Achieve Transparency of ICT Certifications Proceedings of I-PROF: ICT Professionalism: a Global Challenge, 2009, IFIP Working WG 3.2 and 3.4 Conference: 12-15 February 2009, Arnhem, Netherlands.
[4] CEN (2008). CEN Workshop on ICT-Skills. CWA 15893 (part 1 and 2) has been published by CEN in November 2008. Retrieved 20 May 2011 from http://www.ecompetences.eu.
[5] CEN (2010). CEN Workshop on ICT-Skills. European e-Competence Framework version 2.0, CWA published by CEN in September 2010. Retrieved 20 May 2011 from http://www.ecompetences.eu.
[6] CEN (2006). CEN/ISSS 2006. CWA 15515: European ICT Skills Meta-Framework - State-of-the-Art Review, Clarification of the Realities, and Recommendations for Next Steps. Retrieved March 6, 2009 from ftp://ftp.cenorm.be/PUBLIC/CWAs/e-Europe/ICT-Skill/CWA15515-00-2006-Feb.pdf.
[7] CompTIA (2010). CompTIA Certification Map and CompTIA TechCareer Compass (TCC http://tcc.comptia.org/, http://www.comptia.org, last visited 24 May 2011.
[8] CompTIA (2010). CompTIA http://www.comptia.org/home.aspx, last visited 28 February 2011.
[9] EC (2009a) European e-Skills Conference 2009: http://www.eskills-pro.eu/, retrieved 02 March 2010.
[10] EC (2009b) Recognizing Value Credentials. Issue Paper. Towards a European Software Strategy.
Working Group 6, “Skills and Lifelong Learning”, European Commission DG Information Society and Media - Directorate for Converged Networks and Service, February 2009, Brussels.
[11] EC (2008). European Commission. “eSkillsPolicy - Benchmarking study on policies on multi- stakeholder partnerships for e-skills in Europe”. By Empirica, January 2008, http://www.eskillspolicy- europe.org/.
[12] ENISA (2007). Carsten Casper and Alain Esterle: Information Security Certifications, A Primer:
Products, people, processes. The European Network and Information Security Agency Technical Department, Deliverable 2.1.5/2007, December 2007.
[13] HARMONISE (2007). Survey of Certification Schemes for ICT Professionals across Europe towards Harmonisation. http://www.cepis-harmonise.org, September 2007, Project of CEPIS Council of European Professional Informatics Societies, final report.
[14] ISO (2003). ISO/IEC 17024:2003, Conformity Assessment – General requirements for bodies operating certification of persons; source:
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=29346.
[15] ISO (2008). ISO/IEC 24773:2008: Software Engineering — Certification of Software Engineering Professionals — Comparison Framework. ISO/IEC JTC 1/SC 7/WG 20 N046; source:
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=41543
[16] Upgrade (2007). ICT Certifications for Informatics Professionals. Luis Fernández-Sanz, María-José García-García, and Peter Weiß (Ed.), Upgrade Journal Special Issue, Vol. VIII, issue no. 3, June 2007.
[17] ct (2011). ct’ Gehaltsstudie: Einkommensumfrage IT, Heft 6, 2011.
[18] CEN (2009a): Weiß, P.; O’Sullivan, J.; Bellini, R.: The Parallel Universes are Coalescing: e-Certification in Europe, e2009, In: Cunningham M. and Paul.: eChallenges Conference Proceedings, IIMC Ltd, http://www.echallenges.org, Istanbul, Turkey, 2009.
[19] CEN (2010a): Weiß, P.; O’Sullivan: ICT Certification in Action, e2010, In: Cunningham M. and Paul.:
eChallenges Conference Proceedings, IIMC Ltd, http://www.echallenges.org, Warshaw, Poland, 2010.
[20] Microsoft (2011): A Comprehensive Look at the Value of Microsoft Certification: The Career Journey from Relevant IT Skills, Microsoft Learning, Microsoft Certification Report (17 pages), January 2011.
