During our Out of the Box Live show over a week ago with our guest Wendy McLain, I took a little detour to explain my view of what I see as the four pillars that warrant deep dives in support of information governance (IG). The issue came up when we asked Wendy if she thought practitioners should get their IGP, CRM, CIPM, CEDS, etc. Our collective answer was that it depends on your professional interests and ambitions.
From my point of view, the IGP designation (Information Governance Professional) is the overarching certification designed for those who aspire to become the overseer of the entire IG program within their organization. Those that get to that point in their careers usually come from a deep dive in one or more of the below:
Before I begin discussing my perspective on these career and certification tracks, a quick disclaimer: although I currently chair the IGP Certification Board, the opinions expressed here are strictly my own, and not those of the IGP or ARMA International. Also, the certifications discussed here are offered as examples only, for there are a myriad of other designations to consider depending on your employment needs.
As most of our readers know, RIM or IG are not exactly the career paths we grew up dreaming of as children. Most of us fell into our positions, since a career in RIM does not necessarily sound glamorous. I will never forget the day we were hosting new friends in our backyard, when the subject of what you do for a living came up. When it was my turn, I excitedly gave my 2-minute explanation, but then I noticed that the guy across from me had fallen asleep during my spiel – red wine in hand practically tipping over.
But I digress. When it comes to the college degree, as my children will tell you, I would insist on it if you are just planning to start a career. I don’t care the major. I just need you to have a solid foundation that shows critical thinking, analysis, ability to complete multi-year tasks, reading, and writing skills. If you happen to be lucky enough to know that you want to go into records and information management (RIM) or IG early in your career, there are schools like LSU and San Jose State that offer a bachelor’s and other advanced degrees. There is also the Library Science major, which teaches key foundational skills needed for information governance.
Certain advanced degrees also give you a foundation that may suffice to avoid a deeper dive into certification altogether. For instance, a law degree is interrelated with most key IG elements such as discovery, privacy and compliance. This was my career path and it has served me well. However, I often wish I had a CRM or CIAPP certification to give me the peace of mind that I have a solid foundation for what I preach in our industry. I certainly would have pursued one of these if I had to compete in today’s job market.
One you are equipped with that college degree (or the old school of hard knocks, which I will discuss below,) either your interests or the needs of your employer may determine what certifications you will need. That said, there are clear avenues to deep expertise in the four key pillars of information governance.
I am a huge fan of the CRM (the Certified Records Manager designation administered by the Institute of Certified Records Managers). It is a tough exam designed to truly vet a professional in the RIM space. It requires critical understanding of not only traditional RIM practices, but also translation of those RIM practices into the modern electronic world. I know there are lots of people that somehow see the CRM as being in competition with the IGP, but that is so far from the truth. The CRM is a key deep dive into a critical component of IG. If I were a baby IG professional without a law degree, I would have certainly started with the CRM.
Followed closely to the CRM, and gaining much more traction these days, the Certified Information Privacy Manager certification offers a deep dive into privacy workflows and key areas of privacy competence. Many attorneys and paralegals choose this certification over a CRM because it is a more natural extension of their professional degree. The legal space has become so crowded that even lawyers are seeking ways to distinguish themselves from the competition. The CIPM is administered by the International Association of Privacy Professionals.
Prior to the relatively recent nascence of the CIPM, the e-discovery space had been offering certifications such as the CEDS (Certified E-Discovery Specialist) to give credence to professionals trying to advance when it comes to legal holds and the workflow associated with discovery, as shown in the EDRM.net model. The CEDS is administered by the Association of Certified E-Discovery Specialists.
Finally, and perhaps most foreign to me, are the highly technical certifications offered in the security space such as the CISM (Certified Information Security Manager) or the CISSP (Certified Information Systems Security Professional). These are the certifications typically held by those that came from the IT space, including a degree in IT engineering or years of experience in the space. This is a critical deep dive that intimidates most IG professionals, because it is much drier and does not offer the relative breadth of say a CRM. For a good primer on both of these certifications go to Varoniscom.
You may have noticed that I did not include the IGP under the Deep Dive pillars section. This is because the IGP is a certification designed to give you a broad breadth of knowledge across the four deep dives noted above. I would recommend the IGP for anyone who, at minimum, already has deep expertise in one of these four areas. To go straight for the IGP without one of the other deep dives, I worry you will not have the perspective needed to truly oversee an IG program. The IGP certification is administered by ARMA International.
It is entirely possible that many others have come up the ranks through the old school of hard knocks. For many with extensive experience it might feel downright silly to pursue certifications considering that after 30 or 40 years in the industry you have more than earned your stripes. That said, I would argue that for those who may be at the mid-level of their career, the certifications could give you a leg up on the competition when seeking new job opportunities or advancements. Increasingly, for example, employers are requiring the IGP or CRM as minimum criteria for hiring.
Furthermore, even though you may have earned your stripes after 20+ years of work in RIM, for instance, you may still have some educational gaps in deep dives that have become more prevalent in the last few years like privacy and security. Also, if you are up for a C-level position overseeing an entire Information Governance program, the IGP could give you a much needed educational overview of all the touch points you will be overseeing in your position. I would argue the IGP should be a pre-requisite for anyone stepping into the shoes of CIGO or Director level of an Information Governance program.
For more on how cross-disciplinary expertise can inform more effective information management, check out this Infographic: The Changing Information Governance (IG) Paradigm