Professional Testing, Inc.
Providing High Quality Examination Programs

From the Item Bank

The Professional Testing Blog

 

The Use of Certification and Licensure Programs in Developing Career Path Models

April 27, 2016  | By  | 

Over the past few years there has become increasing interest in the number of ISO/IEC 17024 accredited certification bodies certifying personnel and with it a strong desire to map that knowledge to a particular profession. In particular, we have seen a number of organizations wanting to create what we call career paths based on certifications. The concept is that there is an entry- level credential and then more specialized credentials as the profession becomes increasingly more complex or moves into  more specialized areas. This post provides a brief discussion of Job Analysis and Career Path or Competency Models, and ends with a sample career path for the information security role based on DoD Directive 8570.1, and an example in healthcare. The goal is to provide an initial framework on how to use JA results in developing a Competency Model for a profession, thus leading to a career path for military and civilian professionals. 

Job Analysis and Profession Career Path or Competency Modeling

One of the requirements for a certification body to obtain accreditation is the conduct of a Job Analysis (JA). Within the certification industry, a Job Analysis is the systematic study of a job. Traditionally, the JA process has multiple steps. First, a group of Subject Matter Experts (SMEs) is convened to define what tasks and knowledge, skills, and abilities (KSAs) are required to perform the given job at a requisite level. The tasks and KSAs are then surveyed. Frequency and Importance information is collected on the tasks and KSAs. The goal of the survey is to identify what tasks and KSAs are important to the job and with what frequency are they performed. This data from the survey serves as the basis for the certification assessment blueprint.  Those who provide training are not allowed to participate in the process as it is viewed as a conflict-of-interest. With that said, education providers can use the assessment blueprint to develop training.

The term Competency Modeling (CM) is used loosely in our discussion and it has been challenging to find agreement on what exactly CM is. For our purposes, we are defining CM, within personnel certification, as various tasks and KSAs that make up a profession and not just a specific job. However, a career path model is a term that may also be used. As an example of this concept, information security and assurance is a profession, systems administrator is a job. Within both (profession and job) reside a common set of tasks and KSAs and equally important there maybe tasks or KSAs that are exclusive.

The Competency Model Clearinghouse provides some very useful information on the development of competency models. They list five steps in developing a competency model:

  1. Gather background information
  2. Develop a draft competency model framework
  3. Gather feedback from subject matter experts (SMEs)
  4. Refine the competency model framework
  5. Validate the competency model framework.

There appears to be great overlap between the conduct of a JA for certification and the development of competency models as presented in the Competency Model Clearinghouse. Like JAs the first step is to gather background information on the job being certified. Where there is slight deviation between the two is that JAs do not develop a draft competency framework, but rather the JA process develops a draft list of tasks and KSAs focused on a specific job and not the entire profession. For steps three to five, JAs and CMs gather feedback from SMEs and use survey data to make inclusion and exclusion decisions into the final content, thus validating the content.  One could argue that many JAs could result in validated data that can subsequently be used to develop a competency model for a profession.

How can one be sure that the data collected in the JA is accurate? Third party accreditation (ISO/IEC 17024)[1] is the best current option. A series of accredited certification programs which are increasingly complex and have a similar foundation may assist in the development of a competency model for a profession.   DoD Directive 8570.1 placed unique certifications into various roles within the information assurance and information security profession. In this example the pathways are not directly linear. The goal was to match the certification to the role, not to build a hierarchy.

Due to the proliferation of certification programs globally, it has become increasingly important to assure that certification programs are meeting stringent requirements. The ISO/IEC 17024 standard provides a mechanism for certifying bodies to be validated so that the public has confidence in the credential. The standard has many requirements including internal and external audit.

EXAMPLES

Information Assurance-DoD Directive 8570.1

In 2005, the U.S. Department of Defense unveiled its U.S. DoD Directive 8570.1. Generally speaking, this Directive required persons working in or with the DoD to have and maintain various ISO 17024 accredited personnel certifications. In the early 2000’s the DoD was tasked with trying to identify a method to help validate personnel and consultants who had some level of competence when working with government systems. The International Information Systems Security Certification Consortium (ISC)2 has provided some information as guidance on the directive.

What is U.S. DoD Directive 8570.1?

This DoD-wide policy, made official in August 2004 and implemented according to the requirements of DoD 8570.1M Manual in December 2005, requires any full- or part-time military service member, contractor, or foreign employee with privileged access to a DoD information system, regardless of job or occupational series, to obtain a commercial information security credential accredited by ANSI or equivalent authorized body under the ANSI/ISO/IEC 17024 Standard. The Directive also requires that those same employees maintain their certified status with a certain number of hours of continuing professional education each year.

This directive was developed to require any full- or part-time military service member, contractor, or foreign employee with privileged access to a DoD information system, regardless of job or occupational series, to obtain a commercial information security credential accredited by ANSI or equivalent authorized body under the ANSI/ISO/IEC 17024 Standard. The Directive also requires that those same employees maintain their certified status with a certain number of hours of continuing professional education each year.

Directive in brief

IAT Levels

The above chart was provided by the Defense Information Assurance Program (DIAP) Office. As of June 2005, the certifications shown above are the only commercial certifications DoD will accept as fulfillment for the 8570.1M requirement.

In the above example, two categories of professional are identified (Technical and Management), across three levels of information assurance. To move or work across three levels requires a worker to possess an ISO 17024 accredited personnel certification credential in that particular category. Within this “information assurance” competency model or career path model, certification credentials identify in which areas a professional can work.

In another example in the U.S., there is a career ladder based on certifications and licenses for nursing. Each credential is separate, but builds linearly on a career. The example is also from The Competency Model Clearinghouse.

building credentials

Certifications can be used to help identify where professionals reside within certain competency models. Some maybe more linear (e.g., nursing), while others maybe more lattice-like and complex. The bigger question becomes how can we best use information from our job analysis studies to inform competency model? Or is the bigger question, how do competency models, as defined in this post, inform certifications?

 

[1] ISO/IEC 17024 Conformity assessment—General requirements for bodies operating certification of persons is administered in the United States by the American National Standards Institute (ANSI).

Tags: ,

Categorized in: ,

Comments are closed here.