Few IT directors or CIOs would disagree with the claim that having skilled employees is an important component of operating an effective IT department. Far more contentious, however, is the question of which skills are most beneficial to the organisation, and which IT qualifications and training courses are worth sending employees on to acquire them.
Perversely, the training budget for employees is often one of the first things to be cut during a downturn – after all, the business can at least survive without its staff progressing.
But that is a false economy in the long term; training existing staff is a highly economical way of improving the effectiveness of any operation, as well as a proven technique for retaining valued employees.
Still, IT budgets are down across the board, and making sure training investments deliver value is critical.
The value of qualifications
Many CIOs, particularly at large organisations, are clear about the value of staff training and certification in particular functions.
Tony Young, CIO of information management provider Informatica, says that no matter what happens, he’ll try to find the budget to send his staff on the training courses they need. “Every year, we spend twice the training budget,” he says.
Telecommunications provider Colt Telecom also believes in the contribution that qualifications make. “We’re very passionate about the skills and qualifications of IT people in Colt,” says CIO Mark Leonard. “Fundamentally, there’s a recognition that we’re trying to attract, retain and develop talent.”
In order to do that, the company has rolled out the British Computing Society’s Skills Framework for the Information Age (SFIA) across the organisation. “We’ve linked the SFIA into the career framework, so that employees can see what they need to achieve for the next level or a different role,” says Leonard.
SFIA provides a framework encompassing a large number of areas, not all of them technical. This emphasis on non-technical qualifications has been increasing of late, with ITIL proving a popular qualification framework and Prince 2 training still important.
Even the MBA is looking more and more desirable in IT staff because it shows a degree of understanding of the business – something which, as IT and the rest of the business align more closely, is in considerable demand.
“It’s very nice if someone’s got it, since it’s a damn good qualification,” says Alastair Behenna, CIO of recruitment consultant Harvey Nash. “The core elements of the MBA are outstanding, and I’m very interested in talking to someone with an MBA.”
However, in common with many CIOs, too many qualifications actually put him off. “You have to ask yourself how much time they’ve actually been working if they have this string of qualifications,” Behenna says.
Smaller companies, particularly those focused on development, aren’t necessarily so keen on certifications and qualifications.
When hiring software developers, for example, Jamie Turner, IT director of address information service Postcode Anywhere, looks mostly for interest in technical matters and a degree in computer science. These two will provide the flexibility necessary to adapt, he says.
Indeed, getting all of his developers together in one room to investigate a new technology can be a valuable team-building exercise. Furthermore, he says, when it comes to new technology, there are sometimes no training courses that offer more than what’s available on a website. “It’s usually better to give them the time to do their own research on the Internet than send them on a course,” Turner explains.
Technical topics
Most qualifications and certifications, however, are now becoming important signs of skills in specific areas. Within the security world, over the past few years, the range of security qualifications available to everyone from school-leavers to seasoned professionals has blossomed.
Many universities, including Royal Holloway, London Metropolitan, Leicester, Greenwich, Glamorgan, Birmingham, UCL and Westminster, now offer MSc courses in information security. The School of Information Risk Management (www.sirm.ac) operates some of these MSc courses and offers a post-graduate diploma in information security and assurance (ISA) leading to an MSc at Anglia Ruskin University.
The MCSE: Security (Microsoft Certified Systems Engineer) and CISA (Certified Information Systems Auditor) qualifications are becoming increasingly popular, while the Certificate of Ethical Hacking is a “very hot topic”, according to recruitment firm Computer People’s James Ramsdale, as is CISSP (Certified information security professional), as they teach the ways in which hackers work when trying to break into systems.
However, according to Vernon Poole, (CISM) head of business consultancy for IT consultancy Sapphire and a member of the Information Systems Audit and Control Association (ISACA)’s Information Security Management Committee, most adverts for information security professionals over the past five years have requested a CISM (certified information security manager) qualification.
This covers five main areas: information security governance; risk management; information security programme management; information security management; and response management. So much has CISM begun to dominate qualifications, ISACA has developed a new qualification for higher-level jobs: Certified in the Governance of Enterprise IT (CGEIT).
In the world of networking, Cisco’s CCNA (Cisco Certified Network Associate) certification is becoming almost a standard requirement for anyone wanting to enter the industry for a technical position.
“There’s a big demand for networking IT skills,” says Sage Lal, who manages the Cisco course at Nescot, Epsom’s college of further and higher education, in Surrey. Companies such as Virgin and BP are among the companies sending their staff to become Cisco accredited at Nescot. There they learn how to work with everything from wireless networks to satellite-based communications – something they’re unlikely to pick up through experience.
Cisco courses can be expensive, however, reaching into thousands of pounds for the most difficult and most sought after. Some companies offer their employees the chance to undertake such courses on the condition that they either share the cost or promise to commit to the company for a specified period.
Like Microsoft, Oracle, Sun and other vendors, application vendor SAP has training courses in its own products as well as in disciplines such as business process management.
Historically, these have been aimed at consultants, particularly those implementing SAP products. However, following feedback from end-users of SAP’s products, Susan Martin, global head of certification and training at SAP, has been developing new courses and expanding existing courses to cover material more useful for the end-user. She expects more companies to want to send their employees on these courses, although at the moment, uptake is still mostly among consultants.
Samantha Kinstrey, MD of 2e2 Training, says that product-specific training courses can be useful for teaching all the niceties of a product – at least in theory. However, they frequently come into problems in the real world.
“Most vendors don’t want to teach anything except their own product, but in most situations you’re going to be dealing with another vendor’s products as well,” says Kinstrey. It’s still necessary either for companies to teach the overlap between the different products or for employees to learn through experience, she says.
Bad education
Many organisations have found certain IT qualifications to be less useful than they had anticipated. Postcode Anywhere’s Turner says that some developers who have been on ‘boot camp’ style training courses will look good on paper, but when asked to explain code they’re supposed to have written, they will soon reveal themselves not to have the necessary expertise. Colt’s Leonard says that he wouldn’t rely on qualifications to demonstrate skill: he also uses interviews and the company has an assessment centre.
It’s not just in technical areas that some qualifications can fall short. Informatica’s Young says that people with Project Management Professional (PMP) qualifications, while they understand the requirements of project management, can frequently be dogmatic. “They’re usually more concerned with the process,” he says. Since PMP isn’t IT-specific, that means a tendency to try to make IT fit to PMP rather than vice versa.
And that’s not the only opposition to the use of qualifications: Some CIOs are resistant to the idea of training up employees in case they demand higher salaries or move to other companies. However, 2e2’s Kinstrey says that that is rare.
Informatica’s Young says that training staff as much as possible often encourages them to stay, since it shows the company values them and gives them job satisfaction. Eventually, however, some employees will leave. “If they do, I want them wherever they go to think to themselves, ‘That was the best IT shop I ever worked at, and because I worked there, I’m the best person at this shop.’”
Clearly, qualifications and certifications can be useful, provided they are chosen carefully. Certain kinds of training may be unnecessary or even counter-productive when dealing with highly technical individuals, but investing in employees will lead most probably – particularly in the current economic climate – to greater job satisfaction and improved performance.
CIO qualifications
The fact that a chief information officer (CIO) or IT director has reached the top of their particular tree does not mean there is no room for improvement.
For many, the MBA is still the qualification to have for current and aspiring CIOs. But Tim Cook, head of global executive search firm Russell Reynolds Associates’ CIO practice, says that the MBA is a nice-to-have, rather than a vital qualification. He looks for other things, such as evidence of intelligence, being a self-starter and the ability to understand the business as well as technical issues.
While being able to understand the nature of a business is a good thing, Chris Miller, UK senior vice president and general manager of CA, also argues in favour of some kind of sales training.
“I often say that the CIO is the biggest salesman in the organisation,” he comments. Selling the role of IT to a sceptical board, for example, may require skills not typically found in IT professionals.
Miller has been helping to develop the IT management for business degree courses now running at 12 UK universities. The course is only available on a full-time basis, but Miller claims that those who get the qualification are putting themselves on the fast track to the CIO role.
This year, London’s City University launched the Centre for Information Leadership, which it says will help “develop the CIOs of the future” through short courses, continuing professional development (CPD) modules and doctorates.
The centre was launched in reaction to the growing significance of strategic information management in government and business, the University says, combined with the paucity of relevant training required.
When he unveiled the project in June, City University’s head of computing Dr Andrew Tuson said, “There is currently no centre in the UK that aims to bring an interdisciplinary approach to the development of CIOs, supported by truly independent, evidence-based strategy and policy work.”
However, so varied are the skills required to be a good CIO, and so reliant on domain knowledge is the role, that some question the value of a CIO-specific qualification.
Tony Young, CIO of Informatica, says that a group of CIOs in Silicon Valley with whom he networks is considering setting up a training course for CIOs. “I’ve asked them why,” he says. “The only answer I can think of is for the money.”
