New certification seeks governance excellence

An international association will begin offering an exam this fall whereby technology professionals can earn a certification that recognizes their ability to bring governance principles to the way information and information technology (I&IT) are managed.

Developed by the Information Systems Audit and Control Association (ISACA), the certification will reflect deep knowledge in strategic alignment, performance measurement, value delivery, and risk and resource management.

ISACA, which works closely with the IT Governance Institute, says the certification is also influenced by expertise in popular governance frameworks such as COBIT and ITIL.

Eligible candidates will be those with five years’ experience or more in I&IT governance, and ISACA says some professionals might be grandfathered into the certification, which will be called Certified in the Governance of Enterprise IT (CGEIT).

Bob Frelinger, a Sun Microsystems executive based in Colorado who volunteers his time for ISACA, helped develop CGEIT. He says the certification should bring more focus to governance in the enterprise, highlighting its importance as part of the day-to-day activities within an organization.

“I don’t know if it highlights a gap so much as sets the path towards building the competency in IT governance,” says Frelinger, adding that professionals in finance and other fields may also seek CGEIT certification. “We’re hoping it’s not just for IT folks. Certainly there is a big business contribution to IT in an organization.”

ISACA has offered certifications of other kinds, including the nearly 30-year-old Certified Information Systems Auditor and the Certified Information Security Manager about five years ago. ISACA claims to have tens of thousands already certified with these designations.

The Canadian Information Processing Society (CIPS) offers similar certification, the Information Systems Professional (ISP), which reflects governance within broader IT competency and adherence to a code of ethics.

CIPS has been actively promoting the ISP certification for years, although a relatively small number of its own membership has achieved it.

Toronto-based IDC Canada analyst Alison Brooks says there’s a definite advantage to bringing some standardization around governance, and certification could lend some credibility to those trying to make it happen in the enterprise.

“You need some sort of ability to align across various organization and ways of thinking. It’s an ability to have some sort of cornerstone,” she says. “There are 110 different ways to effectuate good governance, but what’s the benchmark and where are things going?”

Frelinger says the certification will be beneficial not only to those who want to use it to advance their careers, but to employers who are struggling to keep up with changing compliance regulations, including Sarbanes Oxley in the U.S. and Bill 198 in Canada.

“These things should not be met in a project management approach. It shouldn’t be, ‘Oh, here’s a new requirement, how do we meet it?'” says Frelinger. “We need to take a more systemic approach.”

ISACA, which has Canadian chapters in Toronto, Ottawa, Winnipeg and other cities across the country, says it will begin offering the exam to interested candidates by next month, although those who hope to bypass the testing can begin exploring that now.

Related content:

Why business models matter

Partnership imperative

ITIL v3 offers strategic view on service delivery

What went wrong at Canada Revenue Agency

SOA: It’s architecture, not technology

Spotlight on Anil Arora, Statistics Canada

Q and A with Doug Horner, Alberta Advanced Education and Technology