The COVID-19 pandemic has disrupted employment and education in the U.S. and other countries. Experienced and aspiring practitioners within computing occupations need to manage their qualifications with respect to current market needs. Achievement of professional certifications along with formal education, experience, and licenses provides the basis for employment qualifications.
This article focuses on certifications in the context of the U.S. job market across a range of computer occupations, such as software developer, information security analyst, computer network architect, and Web developer, as described by the U.S. Bureau of Labor Statistics (BLS). Practitioners working outside of the U.S. may find that the market analysis discussed here differs from their own experiences. Analysis of the U.S. market provides context for the discussion of certification attributes to consider when selecting a certification for investment of one's time, reputation, and money.
This article aims to help answer the following questions:
- How does certification affect employment?
- How does one pick a certification?
- What are the consequences of any particular choice?
While comprehensive answers to these questions cannot be provided in one article, this article should help frame answers to them.
This article investigates a number of dimensions related to certifications and focuses on the following (in order):
- Certification demand
To begin exploring the relationship between certification and employment in the U.S., certification demand is viewed from two perspectives. The first is from an employee's perspective as observed in the BLS Current Population Survey (CPS). The second is the employer's perspective, which is based on analysis of requested professional certifications found in job listings across the U.S.
CPS is a monthly survey based on U.S. household responses as opposed to a survey of businesses. This survey includes questions regarding work-related licensing and certifications. Unlike certifications, licenses are issued by a government entity and are required in order to practice legally specified occupations.
In 2019, Cunningham3 reported on results related to these questions, and all values cited from this report are annual 2018 averages. Cunningham reports an average of 13.5% of U.S. workers within the Computer and Mathematical occupations state they have a license or certification.3 Of that 13.5%, 6.6% have at least one certification. Cunningham reports that those with associate degrees within Computer and Mathematical occupations are the largest group by formal education to hold certifications or licenses (19%). Of the workers holding master's degrees, 14.5% have a certification, and doctoral degree holders slightly edge out bachelor's degree holders, with 13.3% versus 13.0%, respectively. The CPS shows that 413,000 (59.9%) employees in Computer and Mathematical occupations were required, according to their positions, to attain a license or certification while 277,000 (40.1%) reported that their certifications or licenses were not required.3
Based on these statistics, the report indicates a minority of Computer and Mathematical professionals has a license or at least one certification. Of those who do, a majority of practitioners is required to have them. Computer and Mathematical practitioner responses show licensing or certifications are useful for completing or enhancing qualification portfolios regardless of the level of formal education achieved.
Background. Before presenting employer certification-demand findings, it is necessary to describe the methodology in order to assist in interpreting the results. The certification-demand analysis was performed using the Economic Modeling Specialists International (EMSI) dataset. To populate the dataset, EMSI combs through 100,000 websites, effectively capturing job listings for more than 1.5 million companies. The same job listings regularly appear on multiple websites. To reduce duplicates, EMSI uses a machine learning-based duplicate-detection process.
Remote or location-neutral listings (for example, a search for a single team lead who can be located in either Atlanta, New York, or Los Angeles) are counted as unique listings from within each targeted job market, despite referencing the same opening. An extract from the EMSI dataset for March 2019 through February 2020 was constructed for the BLS Standard Occupation Classification (SOC) codes consistent with the Computer and Information Technology occupations (15-1100) within the Computer and Mathematical category (15-0000). There are 12 distinct subcategories under 15-1100 and one general catchall category. EMSI uses the BLS classification scheme to organize the hundreds of thousands of listings it collates.
There are two major sources of ambiguity in these results. The first is that an opening that requests one certification from a list of alternative certifications is counted as many times as the number of certification alternatives listed within the job listing. Job listing over-counting is most prevalent in occupation categories where there are a variety of desirable alternatives.
The second source of ambiguity is that not all certification entries represent a distinct certification. Some reference families or categories of certifications. For instance, Global Information Assurance Certifications (GIACs) are a family of certifications issued by the SANS Institute. Some job listings, however, specify particular certifications within the family, such as GIAC Security Essentials Certification. For this article, references to categories or families of certifications were left intact to preserve the more general tenor of an employer's interest.
Results. Top-15 analysis was used on records from 10 job subcategories, which is 77% of Computer occupations by BLS subcategory count. This article presents detailed results for three sub-categories: information security analysts, computer network architects, and software developers. Top-15 certification analysis counts and ranks certification name appearance, which helps in understanding the popularity of or interest in particular certifications. An important attribute of this analysis is the number of records not represented by the set of identified top-15 certifications. This quality of representation is called certification-demand coherence.
The Information Security Analysts (15-1122) subcategory in Table 1 had the highest level of certification-demand coherence, with top-15 certifications being requested in 95% of more than 345,000 listings. Computer Network Architects (15-1143), in Table 2, was the second highest, with top-15 certifications being requested in 52% of more than 38,000 listings. Table 3 focuses on the BLS Software Developers (15-1132) subcategory. EMSI data shows that only 2.72% of more than 1,780,000 listings are represented by its particular top-15 subset of certifications.
The overall trend of certification-demand coherence across occupation subcategories rapidly drops beyond the first three occupation subcategories as seen in Figure 1. The likely reasons for a listing not to be represented are either a certification is listed but not present among the top 15 or no certification is mentioned within the listing. These reasons act as opposite ends of a continuum on which the overall unrepresented listing collection falls. To better understand the first reason, the certification market for a particular occupation subcategory may have many desirable certifications, thus spreading out demand beyond 15 certifications. A possible example is subcategory 15-1151, which has 17.9% demand coherence and 12 out of 15 certifications with occupational focus. To explain the second reason, it is possible that an employer is unaware of suitable available certifications or disinterested in requesting a certification for a particular listing.
Figure 1. Certification-demand coherence by BLS SOC code. SOC codes are explained on the BLS website.2
The remaining occupation areas are described at a summary level in Table 4. Nearly four million listings did not request any of the certifications identified in any of the top-15 analyses performed across the 10 subcategories. Given the idiosyncrasies in job-listing counting and certification labeling, these results align fairly well with Cunningham's finding of 6.6% certification achievement reported in the CPS. The last six occupation areas listed in Table 4 appear to indicate that certifications are of low interest in computing occupations. When considering the first four occupation areas, practitioners would be wise to seek out at least one certification. Considering that diversified certification demand within an occupation area undermines the ability of top-15 analysis to gauge overall certification demand, further investigation into appealing job opportunities is recommended prior to dismissing the need for certifications in general.
Table 4. Summary results table by SOC in certification-demand coherence order. SOC codes are explained on the BLS website.2
There are a number of stakeholders who have a vested interest in certifications, such as candidates/employees, employers, and issuing authorities. Each has a distinct rationale for their interest in or involvement with certifications. These motivations contribute to the dynamics within the approximately $US2.6 billion worldwide training and certification marketplace.14 This section explores motivations among candidates/employees and employers.
Candidates or Employees. Although certification-demand coherence is currently soft for seven of the 10 categories in the U.S., certifications should be anticipated to be either an explicit or implicit requirement for positions in the first four occupation areas represented in Figure 1. Labor supply and hiring practices within a geographic region relevant to an open position dictate how flexible posted certification requirements are.
The demand for certification is more pronounced in a number of non-U.S. job markets, such as the U.K., the EU, Canada, Pakistan, India, Singapore, Thailand, and Japan, where a credible certification confers standing within an area of competency.8,17 Often, an arbitrary certification does not satisfy or exceed expectations. A candidate should consider an employer's expressed certification requirements for opportunities in job subcategories with low demand coherence.
Employees may be challenged through their performance review process to pursue professional development by achieving or maintaining employer-desired certifications. As seen in the BLS CPS discussion, roughly 40% of certification holders are not required to have certifications. One motivation for these CPS respondents is that their employers look favorably on an employee's commitment to competency development and may award greater compensation to preserve their value in-house. Independent of employment and compensation considerations, achieving certifications can lead to personal growth and confidence.
Working and remaining relevant in dynamic computing occupations requires practitioners to seek lifelong learning. Kruchten raises the notion that relevancy of knowledge and skills in software development has a half-life, which is a notion applicable to many technology fields.10 Certifications facilitate lifelong learning by providing a well-defined, compiled set of knowledge and skills, often supported by accessible learning resources—for instance books, courses, videos—and an assessment to gauge proficiency. Continued learning after initial certification is thought to be as valuable as the initial accomplishment because most computing certification knowledge areas regularly experience change.
At work, opportunities may not track with market changes. A current employer may be unable or unwilling to pursue certain prevalent technologies. When it comes time to leave, the mismatch between the current state of the market and actual experience may present challenges when seeking new work. As candidates, practitioners may find relevant certifications as an adequate means to compensate for experiences that do not track well with popular practices and technology requirements. Although ambiguity regarding certifications in a job listing raises concern, close certification-topic alignment with a position's responsibilities is more likely to be taken into positive consideration.
Employers. The working knowledge and available skillset of each employee, brought to bear each day, has the potential to help the organization realize its strategy, generate revenue, or fulfill its mission. With each organization being unique, training new hires in the essential policies, processes, and systems cannot be avoided. If the labor supply is robust with relevant qualifications, employers are able to limit the amount of in-house training for role-relevant knowledge and skills. In addition to specifying the types and levels of formal education, certifications can be a convenient means of specifying the types of knowledge and skills needed for a particular role.
Competition in a vigorous market urges a business to produce better products or deliver more desirable services at a sustainable price before the competition. This often hinges on the development and adoption of new technology—built in-house or provided by other sources. Designing, implementing, and maintaining new technology requires people who can work through technical complexities and unknowns. The ability to diverge from an established strategic direction to another requires foresight, an agile workforce, and the enablement of business processes. Businesses that are motivated to stay competitive require a risk-taking workforce that is constantly learning. Encouraging employees to learn new technologies and their real-world application improves the workforce's readiness to pivot to a new strategic path.
Certifications on new topics are often available sooner than new course content within postsecondary education programs. Technology providers that are motivated in seeing their technology being used provide training and certification soon after product availability. The $US2.6 billion market is large and competitive. Aggressive issuing and training organizations produce certification materials for topics they believe eager technologists will embrace. Recognition is critical to a certification's success, so early market penetration of a credible certification improves its legitimacy, network effect, and reputation as demand for the subject area grows. For example, the Certified Information Systems Security Professional, ranked first in Table 1, first launched around 1994, when commercial Internet was experiencing initial business adoption.
There are risks that the workforce can both precipitate and mitigate. Seemingly mundane decisions and actions may result in life-threatening operational or product failure, malware infestation, intellectual property disclosure, or a customer data breach. In regulated industries, these incidents may result in fines or loss of license to operate. In lieu of licensing for most of the computer occupations discussed here, certifications are the available mechanism to independently verify competence. This may be a motivation for the three security certification entries in Table 2 and two security certification entries in Table 3.
The U.S. Department of Defense (DoD) departmental directive, DoD 85701.01-M, requires verified competence in order for information security controls to be properly managed and for qualified staff to make risk-management decisions.4 Banks subject to the U.S. Gramm-Leach-Bliley Act (GLBA) Safeguards Rule are evaluated for the qualifications of the personnel enabling the bank's comprehensive information security program.6 Security is inherently a risk management subject; however, competence in network and system design, software engineering,12,13 and other technical knowledge areas are also necessary for employers to avoid computing-related health, safety, and security risks.
The valuation of a certification involves two parties. The first is the assessee, a stakeholder invested in a particular certification (for example, the issuing authority, certification holder, etc.). The second party is the assessor, who determines if the certification is of value to them (for example, an uncommitted practitioner, employer). As depicted in Figure 2, the value placed on a particular certification depends on the assessor's determination of value. The assessee has committed to the certification and is bound by this value judgment until an opportunity for change is presented. This section explores evaluation of certifications from the assessor's lens.
Three primary attributes of an assessor's determination of value are competence, relevance, and recognition. The product of these three attributes determines value. Competence is the level of subject-area proficiency achieved by a candidate who successfully attains a certification. Relevance relates to a certification's particular fitness-for-purpose. Recognition relates to how easily an assessor can recall the existence and significance of a certification.
For example, a software manager recognizes the significance of CPA as certified public accountant. However, having a CPA is not particularly relevant to filling a software architect role for a customer-service mobile app. In this scenario, the poor fitness-for-purpose terminates value evaluation. The level of accounting competence the CPA represents is disregarded. The effective value of the CPA is zero for this scenario. For practical application of this informal value calculus, the assessor must situate the evaluation of value into a context of need.
Perception of competence and actual competence are often misaligned. Obtaining a certification rarely results in actual competence for a particular certification holder. Select experience, in addition to passing exams, is required for some of the certifications listed in Table 1. Tripp indirectly supports this notion by his caution that the IEEE-CS Certified Software Development Professional (CSDP) is not a guarantee of competence. Instead, it is but a measure of an individual's understanding of a certain level of professional practice.15 At best, a certification is a convincing positive indicator of actual competence. Actual competence is determined in part by experience, personality, intellect, and the sum of a person's entire learning.
Relevance is rarely independent of need. A manager, for instance, evaluates the degree of alignment between the intended role and a certification's associated knowledge, skills, code of ethics, and prerequisites. Mangers are unlikely following a formal evaluation rubric. Instead, they often rely on impressions formed by talking to peers, past employee performance, marketing, and possibly performing a task-technology fit analysis.
Knowles et al. investigate cybersecurity certification assessment approaches and their ability to assess competence.9 Although Knowles et al. are interested in determining competence assessment usefulness, the assessment approach relates to relevance as well. Consider the Electronics Technicians Association (ETA) International's certifications—some are purely conceptual while others are blends of skills and concepts. An employer looking to fill a senior technical role may find ETA International's hands-on certifications more relevant than purely conceptual ones. Although difficulty in obtaining a certification often comes to mind with respect to value, difficulty contributes to value if the challenge improves relevance of the certification to a role's responsibilities.
Recognition by an assessor is essential in the value calculus. A well-recognized certification has the potential to impart significant credibility to the assesee if the assessor has an overall positive perception of relevance. Without recognition, actual competence and relevance represented by a certification is unlikely to be acknowledged. Moreover, the challenges the assessee must overcome to obtain the certification are likely to be underappreciated. The value of an unrecognized certification is essentially zero from a particular assessor's perspective. If this is generally true for a given market, the effective value of the certification in this market is near zero. A certification's network effect and branding are essential for assessors to better align their perception of value with actual value.
Although the focus on recognition has been on a specific certification, the intended market needs to recognize the role and potential of certifications in general. Low certification-demand coherence and the appearance of 12 non-development-related certifications in Table 3 appear to indicate low recognition or appreciation for software development-oriented certifications. This observation is consistent with Seidman's analysis of software engineering-certification interest in his 2014 ACM Inroads article.13 As a practical example, this broad issue may pose a recognition problem for candidates holding the IEEE-CS Professional Software Engineering Master (PSEM) certification, which replaced the aforementioned IEEE-CS CSDP.
Certification quality drives the competence and relevance value attributes determined by assessors. Given the influence of recognition, low value does not necessarily mean low quality. Quality of a certification results from addressing three interrelated aspects of organizational quality. The first is foundational and relates to how an issuing authority goes about the general business of certification. The second aspect addresses the certification's competency model and how competence is assessed. The final aspect is the body of knowledge and professional behavior specified as the curriculum or the content scope of a certification. The first aspect strongly influences the outcome quality of the other two. Dependence between the second and third aspects exists, because the competency model cannot be fully designed without the content scope specified. Multiple credible certifications can focus on the same competency content but seek to assess different levels of proficiency—for example by evaluating Novice, Competent, or Expert within the Dreyfus competence model.5
The relationship between an issuing authority's governance and certification quality is analogous to the relationship between universities' academic administration and the degrees they confer. Accreditation of the university and degree program levels is often a requirement for discerning stakeholders. Along the lines of accreditation of issuing authorities, an international standard, ISO/IEC 17024:2012, has been established. ANSI accredits U.S.-based issuing authorities grounded in ISO/IEC 17024:2012.1 Compliance to this standard has become essential within the cybersecurity domain. This is due, in part, to DoD 8570.01-M,4 which directs employees of certain functions to obtain cyber-security certification. These certifications must be from ISO/IEC 17024-compliant issuers. The effect of this directive can be seen in Certification Demand by the presence of the entry "IAT Level II Certification."
Seidman and Kruchten both advocate for stakeholders to seek compliance with this standard as well.10,11 ISO/IEC 17024:2012 provides development and maintenance requirements for personal certification programs. The standard seeks to address assurance that a certificate holder meets the requirements of the certification, and that assessment and periodic reassessment of competence follows globally accepted processes.7
Underpinning each certification is a unique competency model. This model states the cognitive or knowledge-processing level expected for each component of the body of knowledge and level of skill proficiency.11,16 The model describes the means by which a candidate demonstrates required competencies and how performance is evaluated.11 This model instills coherency within the design, development, testing, and delivery of assessment. The educational aspects of certifications should align with the model as well. Although developed independently, this common alignment improves the likelihood that educational content and services adequately prepare a qualified candidate for the upcoming assessment. Any stipulations for pre-certification qualifications are formally presented in the competency model.11 These pre-certification qualifications function as a benchmark by which to assess prior achievements, and they help to characterize the expected audience when developing assessment and training materials.
Generally, the content scope of a certification often consists of a topic-oriented body of knowledge and possibly a code of professional behavior. Technology-vendor certifications tend to focus on their technology as the sole orientation of their certifications. Professional-practice certifications are incomplete without a code of professional behavior, which often consists of a code of ethics and accepted standards of practices.11,15,17
To extrapolate from Seidman's discussion on software engineering certification, the code of ethics outlines the moral principles and ideals for socially responsible performance of professional responsibilities relevant to a line of work.11 The body of knowledge is a compiled set of understandings, such as facts, concepts, principles, tools, measures, methods, and goals. Useful bodies of knowledge, such as Software Engineering Body of Knowledge ISO/IEC TR 19759:2005, are drawn from established understandings that are found to be relevant and reliable by stakeholders invested in a topic. A certification's relevance and perceived practical competency is strongly influenced by the process used and contributors involved to form the content scope.
Achievement costs are related to the preparation and completion of certification assessments. Certifications require preparation time. Certifications require preparation resources, such as practice exams, books, and training courses. Many certification exams can be taken at local commercial testing centers, but assessment availability may require the candidate to incur travel expenses. Finally, there are the exam fees. As part of this cost item, there may be an application fee in addition to the exam fee. Exam fees are established to cover testing-center expenses as well as exam authoring, quality, and maintenance costs. Assessment grading may be automated; however, greater costs should be expected if grading requires human involvement. Practice or skills-based assessments requiring specialized equipment have fees to cover the capital and operational expenses necessary to supply the assessment environment.
Many certifications are designed with recertification requirements to be completed within defined renewal cycles. Recertification often involves maintenance costs, such as annual maintenance fees with the issuer and/or possibly a recertification fee charged upon renewal. Vendor- or technology-centric certifications effectively expire upon new major product releases, requiring the passing of additional assessments tailored to the new release in order to maintain currency. Recertification for vendor- or technology-neutral certifications typically involves ongoing education. This education requirement may incur education fees depending on availability, types, and quality of education stipulated by the issuing authority. A holder may be able to apply direct professional practice to recertification. Conferences and formal instruction offerings are likely to impose a fee. Non-local in-person offerings incur travel expenses.
Although an education opportunity is provided at no cost, the time to attend is unavoidable. If one holds multiple certifications, the chances of non-overlapping recertification requirements is high. To diversify the types of education sought within a recertification cycle, an issuer may specify the number of times a certain education type or topic area may be applied. Recertification costs may overtake achievement costs in the long run.
Opportunity costs are intangible and yet real. The most apparent cost item is work-life balance. The time spent preparing for and maintaining a certification is often in addition to work and personal demands. Within any popular category of certifications are multiple options from which a practitioner must choose. Given the financial outlay and work-life balance issues, for some it may be a burden to hold numerous certifications within closely related or overlapping focus areas.
Professional mobility is another opportunity cost to consider. Although Seidman raises mobility as an issue with regards to software engineering,11 it is reasonable to broadly consider that employers within a particular country may not recognize a particular localized issuer, competency model, professional practices, the body of knowledge, or the assessment as being relevant in their country for their purposes. While certifications may be cheaper than a college degree in the short term, not pursing a post-secondary or graduate degree may have its own opportunity costs regarding advancement or career flexibility.
In many countries, professional certifications provide credible evidence of a practitioner's competence in areas of focus. In the U.S., the value placed on certifications is not consistent across computer occupations. Consider the certification-demand coherence of an occupation subcategory when investing in a certification. Low coherence is a sign that receptiveness to the achievement of a certification is more strongly linked to an employer's explicit expectations. Recognition for an unrequested certification may be too low to make a favorable impression. If the opportunity presents itself, advocating for the worthiness of a relevant but unrecognized certification might help tip the value calculus to a favorable value determination. When seeking to diversify one's career, recent role-relevant experience may still be necessary beyond achieving a relevant certification.
When choosing a new certification, consider one's desired occupation. The value of achieving a particular certification is strongly influenced by what employers think about that credential. Greater demand coherence appears to indicate a lower risk for choosing a certification prior to focusing on a particular job opportunity. This should hold true on the condition that the choice falls within the current set of popular certifications. Consider investing in ISO 17024-compliant certifications; this standard is gaining in stature as a quality criterion. An ISO 17024-compliant certification counters the perception of non-compliance as being a deficiency. Recertification should be embraced. The education required for recertification encourages currency and familiarity with the focus area.
Investment in many quality certifications continues after achieving the certification. Recertification requires time and money commitments within each recertification period. A good time to reevaluate a certification investment is at the time of renewal. Some questions to consider are: What is one's level of satisfaction with one's present role and related career path? What alternative certifications with higher assessor values could replace the present certification?
However, do not let a certification expire if it is vital to one's livelihood; this may result in job loss—for example, DoD 8570.01-M policy4—and reputational damage. Restoring an expired certification may require satisfying the current assessment requirements.
Taking on constructive challenges and new learning are both valuable for personal growth, insight, and confidence. Although personally valuable, certifications are subject to market perception, assessor value judgments, quality considerations, and personal costs. One should be clear about each certification's contribution to one's career prospects and related post-achievement commitment.
1. ANSI Personnel Certification. https://anab.ansi.org/credentialing/personnel-certification.
2. Computer and information technology occupations. U.S. Bureau of Labor Statistics. https://www.bls.gov/ooh/computer-and-information-technology/print/home.htm.
4. Information assurance workforce improvement program. Department of Defense (Nov. 2015). https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/857001m.pdf.
6. Information security and financial institutions: An FTC workshop to examine GLB safeguards. Federal Trade Commission (July 2020). https://www.ftc.gov/system/files/documents/public_events/1567141/slides-glb-workshop.pdf.
7. ISO/IEC 17024:2012(en) Conformity assessment—General requirements for bodies operating certification of persons. ISO. https://www.iso.org/obp/ui/#iso:std:iso-iec:17024:ed-2:v1:en.
12. Seidman, S. An international perspective on professional software engineering credentials. Software Engineering: Effective Teaching and Learning Approaches and Practices. IGI Global. eds. H.J.C. Ellis, S.A. Demurjian, and J.F. Naveda (2009), Ch. 18.
14. IT training. https://trainingindustry.com/wiki/it-and-technical-training/it-training/.
Copyright held by author/owner. Publication rights licensed to ACM.
Request permission to publish from [email protected]
The Digital Library is published by the Association for Computing Machinery. Copyright © 2021 ACM, Inc.