The Canadian Information Processing Society (CIPS) is making improvements to its Information Systems Professional (ISP) designation program by creating a body of knowledge all IT practitioners should attain. The Mississauga, Ontario-based society is also updating its code of ethics to reflect changes in the compliance and privacy landscape in Canada, and extending the ISP designation to groups that have not been eligible in the past such as academics and experienced IT professionals without computer science degrees. \n\nAsking IT professionals to sign on to what they considered in the past as a generalist\u2019s certificate is viewed by some as not providing immediate dollar value, says John Bouffard, president of CIPS.That\u2019s a perception that needs to change, he says.The IT profession is about 50 years old, still relatively young compared with other professions, says Kerry Augustine, an ISP since 1991 and a director at Great West Life in Winnipeg. Only about 1,500 people have the ISP designation, out of a potential pool of approximately 300,000 IT workers Canada-wide. IT professionals typically seek technical and vendor certifications, but businesses are increasingly dissatisfied with this narrow knowledge. "Many people are getting these vendor designations who may know the product but can\u2019t execute or apply it within organizations," says Augustine. Organizations are also getting increasingly impatient with IT\u2019s dismal track record. "Sad to say, success is gleaned from failure in other areas, and it\u2019s raising awareness of the need for professional status in IT," says Augustine, alluding to research by the Standish Group about the high rate of IT project failures and the Hartwell Group about software glitches, both resulting in losses of millions of dollars to businesses. The need for better management of IT risks is fueling change in the business world. "IT is like a spider\u2019s web: Touch one corner and the whole thing can shake," says Bouffard. Broad knowledge of IT and its impact on an organization is needed to improve decision-making and accountability in IT. "We believe, in order to apply a professional code of conduct, we must first begin with assessing risk so an organization is fully aware of what it\u2019s embarking," says Augustine. There are all manner of risks for CIOs, from regulatory compliance to hiring the right people. And the biggest risks are in unknown areas. "We are finding when we talk to companies that their auditors aren\u2019t saying their systems and processes are robust," says Bouffard. "What they\u2019re saying is, \u2018What we looked at appears to comply with commonly accepted practices.\u2019 It\u2019s negative assurance, and that\u2019s troublesome." Most companies have policies and procedures, but problems come in new unknown areas that aren\u2019t covered off. "We believe it\u2019s important as certified professionals to implement the IT practices that auditors will evaluate, as that\u2019s our risk factor," he says. Compliance pressure is also affecting boards of directors and how organizations handle reporting to customers, shareholders and stakeholders, says Augustine. "IT has the opportunity to step up and demonstrate its capabilities by injecting aspects of quality practice," he says. "They can demonstrate they no longer have to be under the direct thumb of the CFO; they can be accountable to the board by governing their practice discipline." Bouffard says an ISP designation embodies trusted competence and intentions, supported by a common body of IT knowledge, a code of ethics and a disciplinary body. By analogy, he compares it to the capability maturity model (CMM), which embodies best practices in software development. "When companies adopt CMM and codify software development practices, their success is more reproducible. A person with an ISP is in a better position to provide reliable IT services," he says. Globalization is also highlighting the need for an internationally recognized professional IT designation. Many immigrants with IT backgrounds come to Canada\u2019s shores, only to learn their credentials are not recognized. "Canada is currently negotiating a general agreement with other World Trade Organization countries on trade and services. Canada\u2019s offer, for temp workers coming here to work on projects, is to recognize possession of an ISP or equivalent as determined by the CIPS," says Bouffard.This also works in reverse as more and more Canadian companies expand overseas. Augustine points out that Great West Life recently made some acquisitions, and now has a new site in Ireland. "So how do I know when I\u2019m hiring someone in Dublin or Toronto if their skills and competencies are the same?" he says. Bouffard points out that the ISP designation is gaining ground, particularly in the public sector, as more and more organizations add "ISP preferred" to job postings. "At a recent presentation, Jim Alexander [the acting CIO of Canada], mentioned the government is looking into professional certification for IT workers, and that\u2019s encouraging," he says.-Rosie Lombardi, ITWorldCanada.comCheck out our CIO News Alerts and Tech Informer pages for more updated news coverage.