Business Continuity

The BCM bubble

3 March 2009

What does it really mean for an individual to be “certified” in business continuity?

View photos

Related Categories

• BUSINESS CONTINUITY

From this Section

• FEATURE

Like the euphemism “subprime”, the word “certified” is losing its meaning in Asia as the number and variety of Business Continuity Management certifications and their purveyors mushrooms. Attend a course, get the certificate and poof! You’re certified!

You can get certified by the BCM Institute as a Business Continuity Certified Professional (BCCP) with no prior BCM experience if you fork out US$840, spend one day in a class and another half day on a fifty-question test without having to answer all of them correctly – a fast-track bargain by any standard. The BCM Institute offers plenty more certifications, too.

There are other similarly get-certifiedquick courses, and I have no reason to think there is anything wrong with them. But it is misleading to think of those who take them as being “certified” in anything.

Just how meaningless can the word “certified” be? Unrelated to BCM but nevertheless illustrative, in Singapore you can become a Certified Service Professional (CSP) in just five days for US$430. The government programme to improve interpersonal skills of restaurant workers, retail clerks and hotel receptionists is advertised on public buses here. It would be risible if it weren’t so derisive to both service workers and to the concept of certification.

The Certified Business Continuity Planner (CBCP) designation awarded by the American DRI International (DRII) and the Member of the Business Continuity Institute (MBCI) by the British Business Continuity Institute (BCI) are qualitatively different. Both are nationally-chartered non-profit organisations recognised globally for many years; both require a written application of biblical proportions listing verifiable experience, with references; both assign at least two professionals to review each application independently; and both administer and score exams rigorously.

There is an inherent conflict-of-interest in being both teacher and examiner of the same students. For that reason, the BCI and DRII license others to teach their BCM curricula, while retaining independent control over the testing, scoring and application processes.

Conversely, it is difficult to imagine BCMI or the International Consortium for Organisational Resilience (ICOR) not giving certificates to most of their students. The commercial motivation to attract more students is greater than the educational motivation to uphold academic rigour.

I’ve never met someone who didn’t pass a BCMI or ICOR exam. But I’ve met lots of people who didn’t pass the BCI and DRII exams.

The growth of companies offering BCM certification in Asia is a lamentable consequence of somnambulant marketing by both DRII and the BCI. Both are nearly asleep in Asia, despite having many members here and Asia’s cultural predilection for education and training. The void is filled by BCMI and ICOR, whose Principals were former DRII leaders who know BCM, training and their competition. And they’re much better marketers.

The multiplicity of affordable certifications here is also the result of supply and demand. The DRII and BCI five-day certification courses cost over US$3000, excluding the cost of the examinations. A year’s salary in China. BCMI very astutely created wallet-sized chunks of certification and sells them separately at much lower prices, the same way Apple made it possible to buy just one song instead of the whole CD (and look what happened to the CD market as a result…).

The basic difference between these competitors is their motivations: BCMI and ICOR do what they do to make a profit. DRI and BCI do what they do for… prestige? The results in the commercial competition seem inevitable to me.

The main benefit for an individual to get certified is better pay than those who do not; but if everyone has one, your certificate is just office wallpaper. A BCM credential is not even the preferred way for an employer to know that an individual is competent in BCM, however. The employer relies far more on the recommendations and references on what a person has accomplished. A certificate just helps a candidate clear the first screen of applicants. I’m not ready to say that BCM certification is not valuable. Yet. Training is essential, in BCM as in any profession. In Asia, educational credentials are highly valued and their holders highly regarded.

You can’t go to university for a term and get a business degree. You can’t get a licence in any profession that affects human safety – doctor, airplane pilot, bridge inspector – without years of practice. But you can be certified in a week as a business continuity or crisis management professional.

I know plenty of great BC managers who are not certified, and even more certified people who are not great BC managers. And proliferation of less rigorous, less credible certifications will lead to inflation in the latter category. The more sub-prime certifications there are, the less any of them are worth.

“Certified” should mean not only that an individual knows what to do and how to do it, but that he or she has demonstrated that he or she has actually done it in practice. A Certified Public Accountant has passed the Uniform Certified Public Accountant Examination developed and maintained by the 350,000-member AICPA. A CPA not only knows the rules but can apply them to your organisation. You trust a CPA to do your books according to internationally-accepted standards.

A Certified Emergency Manager has shown real-world experience managing an emergency or a fullscale simulation, had at least 200 hours of documented training, passed a 125-question exam, written an essay on emergency management, and had all the credentials reviewed by at least two volunteer peers. You think yourself more likely to live through an emergency if a CEM is managing it.

A Microsoft Certified Professional has passed that company’s training in its operating system and passed its test. You assume a certified guy will be able to fix your computer when it crashes.

The same business that hires that CPA, CEM or MCP should be able to assume that a certified BC professional can keep the business going if it crashes, keep employees alive and keep the boss out of jail, because the person has demonstrated both knowledge and experience managing the continuity of someone else’s business.

As some bankers gave sub-prime mortgages to some people who couldn’t afford them, some trainers in Asia are giving BCM certifications to some people who aren’t yet ready for them. It isn’t a crisis yet, but you can sure see a bubble forming already.