No comments yet

Opinion Piece for LSPMR

By  Tony Simmonds MBA, CPRM, CPPD, CMC

I have been motivated to write this article to assist the market to understand the concepts and application of competence and certification in order to clarify some marketing misinformation.  To start it is important to be clear about some definitions.  These definitions include:-Qualification, Competence, and Certification.


Qualification as defined in the Cambridge English Dictionary is

“an official record showing that you have finished a trainingcourse”.

The training course usually involves gaining knowledge which is then followed byeither an assignment, assessment, case study or an examination. Qualifications are normally bestowed at the completion of the training and achievement of the minimum requirements approved for the course being undertaken. An issuer of a qualification can be an Approved/Accredited Academic Institution such as a University, oran Approved/Accredited Vocational Sector Provider such as a Polytechnic.

Qualifications issued by an Approved Academic Institution usually involves the understanding of theories and an examination so that the individual can demonstrate their comprehension of those theories. Pass marks are defined and a “grading system” is used to differentiate the level of achievement. Those individuals who do not achieve the minimal pass mark are classified as a failand maybe given an opportunity to try again.

Qualifications issued by an Approved/Accredited Vocational Sector Provider usually involves a combination of knowledge and skills testing. Upon successful completion, the individual is described as competent. Those individuals who do not achieve the requirements at the time of the assessment are deemed Not Yet Competent (NYC) and can continue to develop through further training and assessment, until that can prove they are competent. This will be covered later under the heading of Competence.

This training approach, and the achievement of a qualification, can also be referred to as accredited training. Accredited in this case means the issuer has been endorsed by an external agency/regulatory authority for the courses and the qualifications issued. Training delivered and qualification issued under this arrangement is quality assured, and subject to both internal and external national/international governance and compliance requirements. The learner who undertakes a qualification through an Approved/Accredited Academic Institution or Approved/Accredited Vocational Sector Providercan be assured that the delivery method, assessment and qualification meets national and/or international standards.

Training providers who claim or deliver qualifications as an outcome using any other approach is false or misleading. In fact, those training providers who make these false claims de-value those Academic Institutions and Vocational Sector Providers who are accredited.


Competence as defined in the Business Dictionary is

“a cluster of related abilities, commitments, knowledge, and skills that enable a person to act effectively in a job or situation.Competence indicates sufficiency of knowledge and skills that enable someone to act in a wide variety of situations. Because each level of responsibility has its own requirements, competence can occur in any period of a person’s life”

In the ISO 17024:2004 standard for bodies operating certification of persons defines competence as

“demonstrated ability to apply knowledge and/or skills and, where relevant, demonstrated personal attributes”

The Australian Vocational Sector competency based model requires an individual to demonstrate proof of performance –you know and you can do what you say you can do.  In this same Australian competency model proof of performance involves three components – knowledge, skills and behaviours/attributes that an individual must possess, demonstrate and prove to an independent assessor to fulfil the requirements defined for a specific level and qualification.

Qualifications in this competency context are described in terms of Units of Competence.  For example, the Certificate IV in Integrated Risk Management.  This qualification has seven Units of Competence,when viewed holistically and completed successfully, provide the basis for an individual to operate at the practical level.  In other words, these are the agreed requirements for a person who would undertake the role of a risk officer in an organisation.

Each Unit of Competence is then broken down into Elements of Competency (essential outcomes) and these are broken down further and defined as Performance Criteria (performance that needs to demonstrated).  An example of a Unit of Competence is providedin the table below.  This example has been extracted from the Qualification called Certificate IV in Integrated Risk Management.  This qualification is an accredited course under the Australian Qualifications Framework.

Unit of Competence – IRMERE402 Establish the risk environment

This unit describes the performance outcomes, skills and knowledge required to identify the internal, external and risk management contexts, and to support the clear definition of the criteria to be used during the risk assessment process.  Additionally, the classification and identification of risks that will have an impact on the objective to which the risk assessment process is to be applied is critical.  Without this process risk analysis, cannot occur.

This is not a once off activity; rather it is applied on a continuing basis throughout an integrated risk management process until the activity or project to which the risk assessment process is applied has been completed.

No licensing, legislative, regulatory or certification requirements apply to this unit at the time of accreditation.




Elements describe the essential outcomes of a unit of competency.

Performance criteria describe the required performance needed to demonstrate achievement of the element.  Where bold italicised text is used, further information is detailed in the required skills and knowledge and/or the range statement.  Assessment of performance is to be consistent with the evidence guide.

1 Identify the external context 1.1 Collect data on the external context that will potentially contribute to, or impact on, the risk management process
Collect and assembledata on the externalstakeholders’perceptions and values
  1.3 Prepare data for input to the communication and consultation plan and the risk register
2 Identify the internal context 2.1 Collect and collate data on the internal context, including organisational structure, key personnel, internal stakeholders, values, perceptions and reporting lines

Collect and collate data on relevant policies and procedures that will impact on, or contribute to the risk management process

  2.3 Prepare data for input to the communication and consultation plan& the risk register


Note: this table represents only part of the actual Elements and Performance Criteria that form this Unit of Competence

Competency can be gained through a variety of pathways including:-

  1. Recognition of Prior Learning (RPL).  In other words, an individual may have already proventhat they know and can do what they say they can do and have in their possession documentary evidence that supports that claim.
  2. Undertake an accredited training program that leads to a qualification.  In this case the qualification involves skills performance as well as knowledge performance. Only Approved/Accredited Vocational Sector Providers are authorised to deliver and issue these qualifications.

Learners who want to compare providers must ensure the provider can demonstrate they are delivering an Approved/Accredited qualification by the national/international governmental accrediting body.  Providers who cannot demonstrate the above should be engaged knowing the risks.


Certification as formulated from ISO 17024 is

“the output of the certification process where an applicant has fulfilled specified competence requirements”

Certifications are issued from a professional society, a certification body, or from a private certifier (known in this article as an Issuing Authority) and not by the government.  Many certification programs are created, sponsored, or affiliated with professional member associations or trade organizations interested in raising standards.  The Issuing Authority should be completely independent from member associations or trade organizations but may receive support and endorsement from them.

Under the ISO 17024 the Issuing Authority provides an impartial, third-party endorsement of an individual’s professional knowledge and experience. A government agency can decree a certification is required ‘by law’ for a person to be allowed to perform a task or job. For example, only Certified Practicing Engineers (CPEng) can perform certain tasks in the construction industry.  There are legal, warranty and insurance risks should work be undertaken from a non-certified individual.  However, some membership bodies/organisations/government agencies either endorse the Issuing Authority or at the very least recognize that individuals who complete the certification are given due recognition in favour of those who may not have the certification when comparing between two candidates for a particular rolee.g. Only Certified Project Managers may be involved in some Defence related projects.  No such requirement exists in the Risk Management profession.

The growth of certification in the risk management profession is also a reaction to the changing employment market. Certifications are portable, since they do not depend on one company’s definition of a certain job. Certification differs from a qualification in that qualifications are a life-long attainment whereas certification and competence involves currency and may have to be renewed periodically.  As a part of a complete renewal of an individual’s certification, it is common for the individual to show evidence of continued learning such as Continuous Professional Development (CPD) units.

There are several organisations claiming to be an Issuing Authority particularly in the Risk Management field.  I would like to raise several points that I believe could be used as a set of criteria to make an informed judgement about the Issuing Authority:

  1. In paragraph 4.2.5 of the ISO 17024 it states the Issuing Authority “shall not offer or provide training, or aid others in the preparation of such services, unless it demonstrates how training is independent of the evaluation and certification of persons to ensure that confidentiality and impartially are not compromised”. So, those claiming to be an Issuing Authority, who also provide the training in a period of training before completing an examination,in my opinion do not meet the requirements of the ISO standard.
  2. The requirements for the issuance of a certification should involve the applicant having a specific qualification(s), a certain number of years’ and type of experience, defined competencies and agreement to a set of ethical and behavioural standards as specified by the Issuing Authority.  Simply undergoing some fast-tracked training, examination and/or interview does not meet the spirit of the ISO where it refers to demonstration of competence.  My assumption is the definition of competence as defined earlier in this article is agreed.
  3. Establishing multiple levels of certification without explanation of the points above provides confusion to the market, when individuals and/or organisations try to compare like with like.  In my opinion there is only a need for 2 basic levels – one for the practitioner/risk officer, who is either part or full time in the role, is required to conduct or facilitate risk assessments and then provide advice and support on risk controls.  A level of proficiency using risk management software is also needed to demonstrate competence in this role. The other level is that of a Professional Level where the role requires the individual to create and/or manage the organisation’s risk management framework.  Integration of the organisation’s risk management framework and the other business systems, process and procedures is a “must have” to demonstrate competence in this role. Simply raising another Issuing Authority without defining the requirements and providing justification for each level and type of certification in my opinion fails the legitimacy test.
  4. As part of the certification process the Issuing Authority needs to have the mechanism for recognition of CPD activities, grievance processes and the like as defined in the ISO and make these publicly available.

Applicants who want to compare certifications must ensure the Issuing Authority can demonstrate legitimacy by providing proof of the points I raised.  Those Issuing Authorities who cannot demonstrate the points should only be engaged knowing the risks.


I indicated in the beginning that I was motivated to write this article to assist the market to understand the concept and application of competence and certification in order to clarify some marketing misinformation.  I also believe I have proven that not all providers of qualifications are the same.  Only Approved/Accredited [provider] should be engaged to ensure quality and learner focused outcomes are achieved.  There are differing understandings of what competence means.  Whilst the Australian Qualifications Framework is not the panacea, it does provide a legitimate basis to claim that those who complete qualifications under this or a similar framework can claim that graduates are competence in the area and at the level as specified on the qualification that is issued.  Finally, many who claim to be legitimate Issuing Authorities may in fact not be. There are specific criteria that I have identified that could be used as a mechanism for applicants to make informed judgements on the Issuing Authority’s legitimacy.

Post a comment