It can be far easier for an employer to rely on certifications, than to do
the hard work and heavy thinking about what actually qualifies someone to do
the job, or for that matter, what exactly the job is.

I by no means wish to imply that certification is useless, or otherwise
disparage certifications. Some of them seem to be going the direction of the
true university: they mean to demonstrate that you know some of the basics
in every area. So, someone with years of specialized experience might fail
the exam, because of those areas they have not had occasion to know. In this
context, take application and database security (and I don't know if these
are part of CISSP). I would not be at all surprised to learn that dot
commers know almost nothing about these. OTOH, such certifications favor
idiot savants, who can repeat back everything they've read, but don't know
how much a candy bar costs.

Greg Stigers
http://www.cgiusa.com

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *