Tag Archives: certifications

The Open Trusted Technology Provider™ Standard (O-TTPS) – Approved as ISO/IEC 20243:2015 and the O-TTPS Certification Program

By The Open Group

The increase of cybersecurity threats, along with the global nature of Information and Communication Technology (ICT), results in a threat landscape ripe for the introduction of tainted (e.g., malware-enabled or malware-capable) and counterfeit components into ICT products. This poses significant risk to customers in the operation of their business enterprises and our critical infrastructures.

A compromised electronic component or piece of malware-enabled software that lies dormant and undetected within an organization could cause tremendous damage if activated remotely. Counterfeit products can also cause significant damage to customers and providers resulting in rogue functionality, failed or inferior products, or revenue, brand equity loss, and critical damage.

As a result, customers now need assurances they are buying from trusted technology providers who follow best practices with their own in-house secure development and engineering practices and also in securing their out-sourced components and their supply chains.

Summary

The O-TTPS, an Open Group Standard, specifies a set of best practice requirements and recommendations that ICT providers should follow throughout the full life cycle of their products from design through disposal – including their supply chains – in order to mitigate the risk of tainted and counterfeit components. The Standard is the first with a Certification Program that specifies measurable conformance criteria for both product integrity and supply chain security in ICT.

The Standard provides requirements for the full product life cycle, categorizing them further into best practice requirements for Technology Development (product development and secure engineering methods) and Supply Chain Security.

by-the-open-group

The Open Group O-TTPS Certification Program offers certificates for conformance to both the O-TTPS and ISO/IEC 20243:2015, as the two standards are equivalent. The Program identifies the successful applicant on a public registry so customers and business partners can readily identify an Open Trusted Technology Provider™ who conforms to the Standard.

The Certification Program is available to all providers in the ICT product’s supply chain, including: Original Equipment Manufacturers (OEMs), hardware and software component suppliers, integrators, Value Add Resellers (VARS), and distributors. Thus, it offers a holistic program that not only allows customers to identify trusted business partners like integrators or OEMs who are listed on the registry, but it also allows OEMs and integrators to identify trusted business partners like hardware and software component suppliers, VARS, and distributors from the public registry.

by-the-open-group

Target Audience

As the O-TTPS Certification Program is open to all constituents involved in a product’s life cycle – from design through disposal – including those in the product’s supply chain, the Standard and the Certification Program should be of interest to all ICT providers as well as ICT customers.

The newly published guide: O-TTPS for ICT Product Integrity and Supply Chain Security – A Management Guide, available from The Open Group Bookstore at www.opengroup.org/bookstore/catalog/g169.htm, offers guidance to managers – business managers, procurement managers, or program managers – who are considering adopting the best practices or becoming certified as an Open Trusted Technology Provider™. It provides valuable information on:

  • The best practices in the Standard, with an Appendix that includes all of the requirements
  • The business rationale for why a company should consider implementing the Standard and becoming certified
  • What an organization should understand about the Certification Program and how they can best prepare for the process
  • The differences between the options (self-assessed or third-party assessed) that are currently available for the Certification Program
  • The process steps and the terms and conditions of the certification, with pointers to the relevant supporting documents, which are freely available

The Management Guide offers a practical introduction to executives, managers, those involved directly in implementing the best practices defined in the Standard, and those who would be involved in the assessments, whether self-assessment or third-party assessment.

Further Information

The Open Trusted Technology Provider™ Standard (O-TTPS), Version 1.1 is available free-of-charge from www.opengroup.org/bookstore/catalog/c147.htm.

The technically equivalent standard – ISO/IEC 20243: 2015 – is available for a fee from iso.org.

For more information on the Open Trusted Technology Provider™ Standard (O-TTPS) and the O-TTPS Certification Program, visit www.opengroup.org/ottps.

@theopengroup #ogSFO

1 Comment

Filed under Accreditations, Certifications, COTS, Cybersecurity, O-TTF, O-TTPS, OTTF, standards, Supply chain risk, The Open Group, The Open Group San Francisco 2017, Uncategorized

What is Open FAIR™?

By Jim Hietala, VP, Business Development and Security, The Open Group

Risk Practitioners should be informed about the Open FAIR body of knowledge, and the role that The Open Group has played in creating a set of open and vendor-neutral standards and best practices in the area of Risk Analysis. For those not familiar with The Open Group, our Security Forum has created standards and best practices in the area of Security and Risk for 20+ years. The Open Group is a consensus-based and member-driven organization. Our interest in Risk Analysis dates back many years, as our membership saw a need to provide better methods to help organizations understand the level of risk present in their IT environments. The Open Group membership includes over 550 member organizations from both the buy-side and supply-side of the IT industry. The Security Forum currently has 80+ active member organizations contributing to our work.

A History of Open FAIR and The Open Group

In 2007, Security Forum Chairman Mike Jerbic brought the Factor Analysis of Information Risk (FAIR) to our attention, and suggested that it might be an interesting Risk Analysis taxonomy and method to consider as a possible open standard in this area. Originally created by Jack Jones and his then company Risk Management Insights (RMI), Jack and his partner Alex Hutton agreed to join The Open Group as members, and to contribute the FAIR IP as the basis for a possible open risk taxonomy standard.

Over a period of time, the Security Forum membership worked to create a standard comprising relevant aspects of FAIR (this initially meant the FAIR Risk Taxonomy). The result of this work was the eventual publication of the first version of the Risk Taxonomy Standard (O-RT), which was published in January 2009.  In 2012, the Security Forum decided to create a certification program of practitioners of the FAIR methodology, and undertook a couple of related efforts to update the Risk Taxonomy Standard, and to create a companion standard, the Risk Analysis Standard (O-RA). O-RA provides guidance on the process aspects of Risk Analysis that are lacking in O-RT, including things like risk measurement and calibration, the Risk Analysis process, and control considerations relating to Risk Analysis. The updated O-RT standard and the O-RA standard were published in late 2013, and the standards are available here:

C13G Risk Analysis (O-RA)

C13K Risk Taxonomy (O-RT), Version 2.0

We collectively refer to these two standards as the Open FAIR body of knowledge.  In late 2013, we also commenced operation of the Open FAIR Certification Program for Risk Analysts. In early 2014, we started development of an accreditation program for Open FAIR accredited training courses. The current list of accredited Open FAIR courses is found here. If you are with a training organization and want to explore accreditation, please feel free to contact us, and we can provide details. We have also created licensable Open FAIR courseware that can enable you to get started quickly with training on Open FAIR. Future articles will dive deeper into the Open FAIR certification program and the accredited training opportunity. It is worth noting at this point that we have also produced some hard copy Open FAIR guides that are helpful to candidates seeking to certify to Open FAIR. These are accessible via the links below, and are available at a nominal cost from our publishing partner Van Haren.

B140   Open FAIR Foundation Study Guide

G144  A Pocket Guide to the Open FAIR Body of Knowledge

Beyond the standards and certification program work, The Open Group has produced a number of other helpful publications relating to Risk, Security, and the use of Open FAIR. These include the following, all of which are available as free downloads:

W148  An Introduction to the Open FAIR Body of Knowledge

C103  FAIR – ISO/IEC 27005 Cookbook

G167  The Open FAIR™ – NIST Cybersecurity Framework Cookbook

G152  Integrating Risk and Security within a TOGAF® Enterprise Architecture

G081  Requirements for Risk Assessment Methodologies

W150  Modeling Enterprise Risk Management and Security with the ArchiMate® Language

Other Active Open FAIR Workgroups in the Security Forum

In addition to the standards and best practices described above, The Open Group has active workgroups developing the following related items.  Stay tuned for more details of these activities.   If any of the following projects are of interest to your organization, please feel free to reach out to learn more.

1) Open FAIR to STIX Mapping Whitepaper. This group is writing a whitepaper that maps the Open FAIR Risk Taxonomy Standard (O-RT) to STIX, a standard which originated at MITRE, and is being developed by OASIS.

2) Open FAIR Process Guide project – This group is writing a process guide for performing Open FAIR-based Risk Analysis. This guide fills a gap in our standards & best practices by providing a “how-to” process guide.

3) Open Source Open FAIR Risk Analysis tool – A basic Open FAIR Risk Analysis tool is being developed for students and industry.

5) Academic Program – A program is being established at The Open Group to support active student intern participation in risk activities within the Security Forum. The mission is to promote the development of the next generation of security practitioner and experience within a standards body.

6) Integration of Security and Risk into TOGAF®, an Open Group standard. This project is working to ensure that future versions of the TOGAF standard will comprehensively address security and risk.

How We Do What We Do

The Open Group Security Forum is a member-led group that aims to help members meet their business objectives through the development of standards and best practices. For the past several years, the focus of our work has been in the areas of Risk Management, Security Architecture, and Information Security Management standards and best practices. ‘Member-led’ means that members drive the work program, proposing projects that help them to meet their objectives as CISO’s, Security Architects, Risk Managers, or operational information security staff. All of our standards and best practices guidance are developed using our open, consensus-based standards process.

The standards development process at The Open Group allows members to collaborate effectively to develop standards and best practices that address real business issues. In the area of Risk Management, most of the publications noted above were created because members saw a need to determine how to apply Open FAIR in the context of other standards or frameworks, and then leveraged the entire Security Forum membership to produce useful guidance.

It is also worth noting that we do a lot of collaborating with other parts of The Open Group, including with the Architecture Forum on the integration of Risk and Security with TOGAF®, with the ArchiMate™ Forum on the use of ArchiMate, an Open Group standard, to model Risk and Security, with the Open Platform 3.0™ Forum, and with other Forums. We also have a number of external organizations that we work with, including SIRA, ISACA, and of course the FAIR Institute in the Risk Management area.

The Path Forward for Open FAIR

Our future work in the area of Risk Analysis will likely include other cookbook guides, showing how to use Open FAIR with other standards and frameworks. We are committed to meeting the needs of the industry, and all of our work comes from members describing a need in a given area. So in the area of Risk Management, we’d love to hear from you as to what your needs are, and even more, to have you contributing to the development of new materials.

For more information, please feel free to contact me directly via email or Linkedin:

 

@theopengroup

Jimby-jim-hietala-vp-business-development-and-security Hietala, Open FAIR, CISSP, GSEC, is Vice President, Business Development and Security for The Open Group, where he manages the business team, as well as Security and Risk Management programs and standards activities,  He has participated in the development of several industry standards including O-ISM3, O-ESA, O-RT (Risk Taxonomy Standard), O-RA (Risk Analysis Standard), and O-ACEML. He also led the development of compliance and audit guidance for the Cloud Security Alliance v2 publication.

Jim is a frequent speaker at industry conferences. He has participated in the SANS Analyst/Expert program, having written several research white papers and participated in several webcasts for SANS. He has also published numerous articles on information security, risk management, and compliance topics in publications including CSO, The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others.

An IT security industry veteran, he has held leadership roles at several IT security vendors.

Jim holds a B.S. in Marketing from Southern Illinois University.

Leave a comment

Filed under Accreditations, ArchiMate®, Certifications, Cybersecurity, Open FAIR, Open FAIR Certification, RISK Management, Security, Standards, The Open Group, TOGAF®, Uncategorized

Transitioning The Open Group Examinations from Prometric to Pearson VUE

By Andrew Josey, VP, Standards & Certification and Deborah Schoonover, Director, Certification, The Open Group

The Open Group is moving to Pearson VUE as its new examination provider for IT certification exams.

At the time of writing this article (October 2016), we are in a period of dual operation, with most exams available at both Prometric and Pearson VUE.  Through January 31, 2017, you will have the option to take exams at Prometric testing centers, as you have in the past, and must do so if you are holding a Prometric voucher. There’s no change to the exam registration process with Prometric. Effective February 1, 2017, Pearson VUE will be the sole provider of our certification exams.

As part of the transition to Pearson VUE, we are changing the registration process. To take an exam at a Pearson VUE testing center, you will need an Open Group web account, even if you plan on registering for an exam by phone or in person, so that we can ensure your certification history is kept in sync. You can register for an Open Group web account at www.opengroup.org (select login).

In the rest of this article we cover a number of key questions about the transition.

Q: When are The Open Group exams moving to Pearson VUE?

A: Most Open Group exams are currently available at Pearson VUE today and the remaining exams will be soon. We are running a dual operation, with many exams being offered at both Prometric and Pearson VUE during this transition period. See our exam registration page for a current listing of where different exams are being offered: https://certification.opengroup.org/take-exam.

The Open Group exams will be offered at Prometric through January 31, 2017. After that date, exams will only be available at Pearson VUE.

Q: Can I use my exam voucher at either exam provider today?

A: No, you must use your voucher at the designated exam provider. If your exam voucher code starts with “OG”, then it is for Pearson VUE, otherwise it must be used at Prometric, for exams scheduled through January 31, 2017.

Q: Am I required to have an exam voucher to take an exam at Pearson VUE?

A: No, you can also pay by credit card when registering for the exams.

Q: How do I know if my exam voucher is for Prometric or Pearson VUE?

A: If your exam voucher code starts with “OG”, then it is for Pearson VUE. All other codes are Prometric vouchers.

Q: Can I exchange my Prometric voucher for a Pearson VUE voucher?

A: No. Prior to January 31, 2017 you should use your Prometric voucher to book an exam at Prometric. Starting February 1, 2017, your Prometric voucher will be automatically accepted at Pearson VUE (if the code starts with any of the following two characters: 23, 50, 93, 95, 96, 98, 2X, 9X, SX, ZC, ZX). You won’t need to exchange your Prometric voucher, you will be able to use it directly within the Pearson VUE exam registration system.

Q: Will my Prometric voucher be accepted at Pearson VUE?

A: If you received your voucher from an Open Group Accredited Training Course Provider, then yes, your Prometric voucher will be accepted at Pearson VUE after January 2017. If your voucher is valid and unused, then starting February 1, 2017 you will be able to use you voucher to book an exam with Pearson VUE.

Prometric vouchers beginning with any of the following two characters: 23, 50, 93, 95, 96, 98, 2X, 9X, SX, ZC, ZX will be automatically usable at and accepted for exam registration at Pearson VUE after January 31, 2017.

If your voucher begins with any of the following two characters: ER, G2, G3, GP, or P2, then NO, your voucher will not be accepted at Pearson VUE. These vouchers must be used at Prometric by January 31, 2017.

Q: How do I use my Prometric voucher at Pearson VUE?

A: Starting February 1, 2017, if your Prometric voucher is unexpired and unredeemed, you will be able to use it directly when registering at Pearson VUE. Go to https://certification.opengroup.org/take-exam for instructions on how to register. When you get to the payment screen, enter your Prometric voucher number.

Q: What do I do if my Prometric voucher expires after January 31, 2017?

A: If your Prometric voucher has an expiration date after January 31, 2017 and the voucher code starts with the any of the following two characters, your voucher will be accepted at Pearson VUE starting February 1, 2017:

23, 50, 93, 95, 96, 98, 2X, 9X, SX, ZC, ZX

If you have one of the above voucher codes and wish to take your exam before February, you must schedule your exam at a Prometric test center.

If your Prometric voucher starts with any of the codes listed below, the voucher was purchased directly from Prometric and must be used at a Prometric test center by January 31, 2017:

ER, G2, G3, GP, P2

Any vouchers starting with code ER, G2, G3, GP, or P2 that are not used by January 31, 2017 will cease to be valid.

Q: Can I use my Prometric voucher to register in January for an exam in February?

A: No. Your Prometric voucher will not be accepted at Pearson VUE until February 1, 2017.

Q: If I failed the Combined exam at Prometric, can I retake the failed part at Pearson VUE?

A: Yes, you can retake the failed part at Pearson Vue. If the account you use to log in to Pearson VUE contains the email address you used when you took your exam at Prometric, then we will be able to match your new exam results to your prior results.

See our Pearson VUE Frequently Asked Questions for more information about taking an exam at Pearson VUE or our exam registration page to Register for an Exam at Pearson VUE.

@theopengroup

By Andrew JoseyAndrew Josey is VP, Standards and Certification overseeing all certification and testing programs of The Open Group. He also manages the standards process for The Open Group.

Since joining the company in 1996, Andrew has been closely involved with the standards development, certification and testing activities of The Open Group. He has led many standards development projects including specification and certification development for the ArchiMate®, TOGAF®, POSIX® and UNIX® programs.

He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects (AEA).  He holds an MSc in Computer Science from University College London.

 

 

by-andrew-josey-and-deborah-schoonoverDeborah Schoonover is the Director of Certification at The Open Group, responsible for the development and operation of The Open Group’s certification and accreditation programs. In this role, she engages with various working groups to define each program and the policies and legal documents that underpin the program, defines the business requirements for and oversees development of the underlying software systems, and oversees operational delivery of the certification services.

Prior to joining The Open Group, Deborah held development, quality management, and marketing roles at Cadence Design Systems. Deborah holds a Bachelor of Science degree in Computer Science from Lehigh University and a Master of Business Administration (MBA) degree from Boston University.

 

 

Comments Off on Transitioning The Open Group Examinations from Prometric to Pearson VUE

Filed under Certifications, Prometric, Standards, The Open Group, Uncategorized

UNIX®: Allowing Engineers to Engineer

By Darrell May, Senior Principal Software Engineer, Oracle®

Oracle® Solaris innovation is due in part to the UNIX® standard,[1] the test suites,[2] and the certification.[3] By conforming to the standard, using the test suites[4] and driving to certification, Oracle® Solaris software engineers can rely on stable interfaces an assurance that any regressions will be found quickly given more than 50,000 test cases.[5] The old analogy was to build a good building in which you must have a strong foundation applies here. UNIX creates that foundation through stable and reliable interfaces where functional behaviors are predictable for both systems and userland development.

Developers (and users) benefit by not having to relearn command line interface semantics helps focus energy on innovation. UNIX is the “foundation” of Oracle® Solaris but also it helps Oracle® Solaris to be a foundation for other system or userland software engineering. Enterprise developers can be confident that the foundation won’t change out from under them from release to release.

An often-overlooked aspect of standards and the UNIX standard in particular is that they do not restrict the underlying implementation. This is important particularly because it allows innovation “under the hood”. As long as the semantics and behavior of a system call are preserved, you can implement any way you want. Operating systems developers can come up with better algorithms, improved performance, tie into hardware offload (see Oracle’s Software in Silicon innovation[6]) etc., to improve the efficiency of the call. Even better is that application developers get those benefits without having change the application source code to take advantage of it. As a system software developer it is a great feeling to deliver the benefit of improved features, security performance, scalability, stability, etc.,[7] while not having a negative impact on application developers using Oracle® Solaris.

By Darrell May, Senior Principle Software Engineer, OracleDarrell May is a Senior Principle Software Engineer for Oracle® Solaris with his current focus on serviceability, manageability and observability. He has a long history navigating the system stack from firmware to drivers to kernel to userspace identifying, designing and delivering solutions for the most difficult challenges. He is particularly passionate about enabling engineers to do engineering, facilitating customers’ business and driving innovation in the products that he works on.

UNIX® is a registered trademark of The Open Group.  Oracle® and Oracle® Solaris are registered trademarks of Oracle Corporation.

[1] http://www.opengroup.org/standards/unix

[2] http://www.opengroup.org/testing/testsuites/unix.html

[3] http://www.opengroup.org/subjectareas/platform/unix

[4] http://www.opengroup.org/testing/testsuites/vsx4over.htm

[5] http://www.opengroup.org/testing/testsuites/vsc5over.htm

[6] http://www.oracle.com/technetwork/server-storage/softwareinsilicon/index.html

[7] https://www.oracle.com/solaris/solaris11/index.html

 

Comments Off on UNIX®: Allowing Engineers to Engineer

Filed under Certifications, Oracle, Single UNIX Specification, Standards, The Open Group, Uncategorized, UNIX

The 20th Anniversary of the UNIX® Standard and Certification

By The Open Group

The UNIX® platform, as a technology, has been around more than 40 years, being at the center of innovation and technology in computer science and driving the Fortune 1000 businesses today. Over twenty years ago, a number of companies came together to acknowledge the value of the UNIX platform, but more importantly, the need for all UNIX implementations to be interoperable and compatible to support the tremendous ecosystem built on top of UNIX systems. An open and inclusive collaboration followed, which led to the creation of the Single UNIX Specification, the industry standard for UNIX systems. The standard is supported by extensive certification tests to ensure that the theory of interoperability and compatibility became a reality with suppliers, vendors and customers knowing and demanding UNIX certification in their solution. UNIX, the go-to operating system, is trusted for mission critical applications because it is robust with a powerful footprint and is inherently more secure and stable than the alternatives. The first UNIX certifications were awarded twenty years ago this year.

During the following 20 years, the UNIX standard has continued to evolve and embrace new technology. The most recent version UNIX V7 is the latest step in the evolution of the standard, but by no means the end as there is greater and greater demand by those developing UNIX operating systems, those who integrate UNIX operating system in their solutions and, most importantly, the customers who deploy those solutions as part of their business innovation.

“The UNIX platform demonstrates the value of being open, since as a truly open standard it allows all to focus on driving innovation of the ecosystem around the platform rather than competing at the core OS level. The open standard makes portability easier for software developers, provides integrators with choice in the building blocks for solutions, and enables customers to focus on solving business problems rather than integration issues,” says Steve Nunn, President and CEO, The Open Group.

“The Open Group from day one has been the shepherd for the standard leveraging its long history in the development of open standards. This ensures the value of the standard UNIX platform grows for both member companies who contribute, as well as those who demand openness as part of their solution,” comments Andrew Josey, Director, Standards, The Open Group.

Please join The Open Group and our Platinum Member UNIX Partners in celebrating this momentous 20-year milestone.

@theopengroup @unixr

 

 

5 Comments

Filed under Single UNIX Specification, standards, Uncategorized, UNIX

Congratulations to The Open Group Open Certified Architect (Open CA) on its 10th Anniversary!

By Cristina Woodbridge, Architect Profession Leader, IBM, retired

In New York City on July 18, 2005, The Open Group announced the IT Architect Certification (ITAC) Program in recognition of the need to formalize the definition of the role of IT Architect, a critical new role in the IT industry. The certification program defines a common industry-wide set of skills, knowledge and experience as requirements for IT Architects and a consistent repeatable standard for a peer-based evaluation.

Why was this important? The practice of architecture in the IT industry has the objective of defining how various contributing business and IT elements should come together to produce an effective solution to a business problem. The IT Architect is responsible for defining the structures on which the solution will be developed. When we think of how IT solutions underlay core business throughout the world in every industry and business sector, we can understand the impact of architecture and the role of the IT Architect on the effectiveness and integrity of these systems. In 2015, this understanding may seem obvious, but it was not so in 2005.

How did the standard come about? Based on the request of industry, The Open Group Architecture Forum and the membership at large, The Open Group Governing Board approved the creation of a working group in 2004 to develop the IT Architect certification program. As part of this new working group, I remember when we first came together to start our discussions. Representing different organizations, we were all a little reluctant initially to share our secret definition of the IT Architect role. However as we discussed the skills and experience requirements, we quickly discovered that our definitions were not so secret but commonly shared by all of us. We all agreed IT Architects must have architectural breadth of experience in a wide range of technologies, techniques and tools. They must have a disciplined method-based approach to solution development, strong leadership and communication skills. This conformity in our definition was a clear indication that an industry standard could be articulated and that it was needed. There were areas of differences in our discussion, but the core set of skills, knowledge and experience requirements, which are part of the certification program, were easy to agree upon. We also saw the need to define the professional responsibilities of IT Architects to foster their profession and mentor others. The outcome was the development of the ITAC certification conformance requirements and the certification process.

We unanimously agreed that the candidate’s certification needed to be reviewed by peers, as is the case in many other professions. Only certified IT Architects would be able to assess the documented experience. I have participated in hundreds of board reviews and consensus meetings as part of the Open CA direct certification boards, the IBM certification process and by invitation to audit other organization certification boards. In all of these I have consistently heard the same probing questions looking for the architectural thinking and decision-making process that characterizes IT Architects. In the cases in which I was auditing certifications, I could often anticipate the issues (e.g., lack of architectural experience, was an architectural method applied, etc.) that would be discussed in the consensus reviews and which would impact the decision of the board. This independent review by peer certified IT Architects provides a repeatable consistent method of validating that a candidate meets the certification criteria.

Since 2005, the ITAC program expanded to provide three levels of certification defining a clear professional development plan for professionals from entry to senior level. The program was renamed to The Open Group Certified Architect (Open CA) in 2011 to expand beyond IT Architecture.[1] Over 4,000 certified professionals from 180 companies in more than 60 countries worldwide have been certified in the program. The British Computer Society agrees that The Open Group Certified Architect (Open CA) certification meets criteria accepted towards Chartered IT Professional (CITP) status.[2] Foote Partners [3] list The Open Group Certified Architect certification as driving premium pay by employers in US and Canada. Having a consistent industry standard defining the role of an Architect is valuable to individuals in the profession. It helps them grow professionally within the industry and gain personal recognition. It is valuable to organizations as it provides an assurance of the capabilities of their Architects. It also establishes a common language and common approach to defining solutions across the industry.

Congratulations to The Open Group on the 10th anniversary of Open CA certification program and for maturing the Architect profession to what it is today! Congratulations to the many Open Certified Architects who support the profession through mentoring and participating in the certfication process! Congratulations to the Architects who have certified through this program!

The current Open Group Governing Board Work Group for Open CA consists of: Andras Szakal (IBM), Andrew Macaulay (Capgemini), Chris Greenslade (CLARS Ltd.), Cristina Woodbridge (independent), James de Raeve (The Open Group), Janet Mostow (Oracle), Paul Williams (Capgemini), Peter Beijer (Hewlett-Packard) and Roberto Rivera (Hewlett-Packard).

[1] The Open CA program presently includes certification of Enterprise Architects, Business Architects, and IT Architects.

[2] British Computer Society CITP Agreement on Open CA

[3] Foote Partners, LLC is an independent IT benchmark research and advisory firm targeting the ‘people’ side of managing technology

By Cristina Woodbridge, Architect Profession LeaderCristina Woodbridge was the IBM Worldwide Architect Profession Leader from 2004 to 2015. She was responsible for the effective oversight and quality of the Architect profession deployed globally in IBM. Cristina is an Open Group Distinguished Certified Architect. She is an active member of Open CA Working Group and also participates as a board member for The Open Group Direct Certification boards.

1 Comment

Filed under Certifications, Open CA, The Open Group

An Update on ArchiMate® 2 Certification

By Andrew Josey, The Open Group

In this blog we provide latest news on the status of the ArchiMate® Certification for People program. Recent changes to the program include the availability of the ArchiMate 2 Examination through Prometric test centers and also the addition of the ArchiMate 2 Foundation qualification.

Program Vision

The vision for the ArchiMate 2 Certification Program is to define and promote a market-driven education and certification program to support the ArchiMate modeling language standard. The program is supported by an Accredited ArchiMate Training program, in which there are currently 10 accredited courses. There are self-study materials available.

Certification Levels

There are two levels defined for ArchiMate 2 People Certification:

  • Level 1: ArchiMate 2 Foundation
  • Level 2: ArchiMate 2 Certified

The difference between the two certification levels is that for ArchiMate 2 Certified there are further requirements in addition to passing the ArchiMate 2 Examination as shown in the figure below.

What are the study paths to become certified?

ArchiMate 2

The path to certification depends on the Level. For Level 2, ArchiMate Certified: you achieve certification only after satisfactorily completing an Accredited ArchiMate Training Course, including completion of practical exercises, together with an examination. For Level 1 you may choose to self study or attend a training course. For Level 1 the requirement is only to pass the ArchiMate 2 examination.

How can I find out about the syllabus and examinations?

To obtain a high level view, read the datasheets that describe certification that are available from the ArchiMate Certification website. For detail on what is expected from candidates, see the Conformance Requirements document. The Conformance Requirements apply to both Level 1 and Level 2.

The ArchiMate 2 examination comprises 40 questions in simple multiple choice format. A Practice examination is included as part of an Accredited ArchiMate Training course and also in the ArchiMate 2 Foundation Study Guide.

For Level 2, a set of Practical exercises are included as part of the training course and these must be successfully completed. They are assessed by the trainer as part of an accredited training course.

More Information and Resources

More information on the program is available at the ArchiMate 2 Certification site at http://www.opengroup.org/certifications/archimate/

Details of the ArchiMate 2 Examination are available at: http://www.opengroup.org/certifications/archimate/docs/exam

The calendar of Accredited ArchiMate 2 Training courses is available at: http://www.opengrou.org/archimate/training-calendar/

The ArchiMate 2 Foundation Self Study Pack is available for purchase and immediate download at http://www.opengroup.org/bookstore/catalog/b132.htm

ArchiMate is a registered trademark of The Open Group.

Andrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF 9.1, ArchiMate 2.0, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

6 Comments

Filed under ArchiMate®, Uncategorized