Iris reviewed the scant stack of applications for the newly created security manager position and frowned. There should have been many more than just three applicants for the position. After the human resources incident earlier in the month, she had been extremely careful in crafting the job description, and was elated when Mike Edwards approved the creation of the new position and the plan to hire. The new security manager was to assist in the drafting of security policies and plans, a need that had been highlighted by the recent HR problem. Iris called Gloria in human resources. “I’m worried about the number of applicants we had,” she said.
“I really thought there where would be more than three applicants given the Way the local economy is right now.” Gloria replied, “oh, there were dozens, but I prescreened them for you.” “What do you mean?” Iris asked. “Prescreen how?” Gloria elaborated. “Well, we passed on only the most qualified applicants. According to our criteria, applicants for information security positions must have a CISA certification or some level of GIAD.” “Since I am not aware of such a certification as a GIAD, you must mean GIAC?” Iris asked, her uneasiness building. “No, the files says GIAD,” Gloria replied confidently. “Well, for this position we need a CISSP or CISM, not a GIAD or CISA.
Those certifications don’t match the job description I wrote, and I don’t remember specifying any required certifications.” “You don’t have to,” Gloria said “we’ve determine that the best people for the jobs are the ones who have the most certifications. We don’t really look at anyone who isn’t certified. Is there a problem?” In order to complete this assignment please follow these guidelines: If you were Iris, how would reply to Cheryl’s question? What, if anything, is wrong with the human resources focus depicted here?
Examine the relationship between certifications and experience. Do certifications alone identify the job candidates with the most appropriate expertise and work experience?