Companies are paying higher bonuses to IT staff who are certified in security, database management and project management than to IT staff with standalone skills, according to a survey conducted by New Canaan, Conn.-based research and advisory company Foote Partners. Premium or bonus pay for those certifications increased from 12 percent to 18 percent from the fourth quarter of 2000 to the fourth quarter of 2001, with a 4 percent increase in bonus pay for certifications overall in the same time period. And employers are more apt to pay for certification training than they were two or three years ago. "CIOs believe that certifications demonstrate a greater commitment to job and career, and show initiative on the part of the employee," adds David Foote, president of Foote Partners. "Those employees are a safer bet in economic downturns, when CIOs are under pressure to justify IT dollars spent." But it\u2019s important to consider your skilled IT staff and to understand which certifications will benefit your company to ensure that your dollar is well spent.Best PracticesDon\u2019t assess your staffing needs on certifications alone. Remember, experience counts. Certification programs are more prevalent for infrastructure issues like networking and database systems and are less prevalent in areas like application development. "IT employees with years of experience versus certifications can approach problems more creatively," says David Foote, president of Foote Partners. "CIOs need free-thinking gun-slingers on board too." Encourage staff to get IT certifications that include a project management component, such as Novell Project Plus. Employees with those skills can help you improve process. Project management also teaches process documentation and knowledge sharing, which will help CIOs keep expertise in-house.Identify the areas in IT that warrant certification. "Security is a board-level issue that can impact your ability to form partnerships, your competitiveness and your stock price," Foote adds. CIOs need to make the business argument for resources and IT staff with specific security certifications such as forensics and intrusion detection.