Friday, August 01, 2008

Certification Testing Meets "CSI"

Sometimes it doesn't take much for me fixate on topics, as my wife will willingly attest. Since reading that Pearson Vue and Cisco will begin implementing additional security measures for certification exams beginning Aug. 1.

For up to 72 hours after the exam, a forensic analysis of your test can be conducted to see if anything transpired that shouldn't have.

If it's determined that you shouldn't have passed the exam, your score will be invalidated and additional consequences may be given.

Also, all paper score reports will now include your photo and an authentication code that can be used to check your real score (after that "forensic analysis") online.

While I'm all for testing centers justifying their existence, I have to question these measures. First, I'm not sure whether it helps to put my picture on a test report that the company now won't even say is valid. Supposedly, by the time we get to the printed form, my ID has been checked and a digital copy of my signature has been collected. To how many people does Vue think I show the printed score report? If anyone asks, I'd just tell them whether I passed or failed; I wouldn't even bring up that slip that says my understanding of the OSI model is weak (that stays my secret).

Secondly, exactly what type of "forensic analysis" are you going to conduct in 72 hours? If you want to see whether I answered questions that take 60 seconds to read in only 10, why couldn't that be done while I'm still at the test station? One of the supposed benefits of computerized testing is that software and algorithms can analyze what's happening in real time (remember "adaptive testing"?) and not three days later.

I wanted to know more, so I contacted Vue and asked exactly what type of "forensic analysis" will be performed. Mark Poole, Pearson Vue's director of test security, declined to share some information due to a need to preserve the integrity of proprietary detection strategies, but he did shed a great deal of light on the topic.

"We plan to analyze a range of exam and program data for aberrant behavior," he said. "Forensic analysis will take into consideration factors such as item latency (time spent on test questions), item performance (how well candidates do on certain test items compared to others), pass/fail rates and a range of other program metrics. We also monitor Web postings and online discussion forums, and use secret shoppers to follow up on tips."

According to Poole, the analysis is done in-house using a combination of automated software analysis and human examination.

A number of other vendors are already using some of these services; there's hope that others will want to implement them in the near future.

I next contacted Prometric to find out its take on the topic and if it had any plans to roll out similar services with certification exams from Microsoft or other vendors (having stopped offering Cisco exams a while back). According to Jodi Katz, public relations manager, Prometric already offers a "data forensics" service to clients.

"Our data forensics service provides analysis of items and exams to detect and flag abnormalities in the test process," Katz said. "Data forensics looks to identify unusual response patterns, unexpected candidate behavior (e.g., ending the test early, requesting frequent breaks, skipping large numbers of items, spending an inordinate amount of time on selected items) and sudden performance improvements (both localized and universal) which can all be indicators of a potential security concern that can be investigated by a thorough review of the various files generated during a test event. Prometric maintains an extensive amount of data during each test event, including the time spent on each item, the frequency with which responses were changed and the number, time and duration of all breaks. "

I have a history of questioning the need for such test centers in today's IT environment. Given the value being added through these services, however, I think their existence IS justified. I would encourage every vendor to consider adopting similar analysis for their exams to curtail cheating and keep the certifications valuable.