(Or When to Abandon Ship)
By John Fremer, President, Caveon Consulting Services
February 21, 2014
“I know that other programs like ours have had major security breaches, but there is simply no budget for increased test security.” I have heard statements such as this one quite a number of times in my role trying to help testing programs prevent or detect cheating. Sometimes the speaker will say “I cannot even speak of any additional expense to my Director (or Board).” I have managed budgets in very austere times so my heart goes out to test program managers who see their situation in that way.
In my mind, though, it is in many ways a question of how you define the “basics” of a testing program. An analogy with a household budget applies here I believe. You can logically say that we have to keep everything running in our home as long as possible as buying new is not going to be feasible. If you find yourself saying though that I don’t have enough money to buy food for my family, however, the problem is absolutely critical and something has to change. There may be no appealing solution, but somehow obtaining food becomes the most critical objective and all energy goes into that quest until you can feed your family. In what the psychologist Abraham Maslow described as a “Hierarchy of Needs,” feeding and clothing your family and keeping a shelter over their heads ranks way up in human lives along with showing your love and support for your family in any way that you can.
Protecting the security of your items and tests has to rank way up in your priorities as a test program manager. If you lose control of your test items, your program’s life is in danger. Only if it continues to be accepted that your test-based credential carries some assurance of competence does it make sense to rely on it. If it becomes widely recognized that possession of that credential merely means having the money to buy a test key, hire an imposter, or pay off a corrupt test administrator your program is on a track to oblivion. If you work for a Director or report to a Board that does not recognize the critical nature of test security, you have to try to bring them around. Perhaps you will need to take a drastic step such as reducing an already strained test development budget in order to re-direct some money to upgrading test security.
If you cannot properly manage test security, I strongly recommend that you start now to look for another job; perhaps you will be able to get off the ship before it hits the iceberg. If you continue to keep trying to run a program without proper security for your tests, be aware that when the major program destroying security breach occurs you will get no credit for having warned of the danger. Instead you are likely to get a good share of the blame as people look around for someone to target. No one will even listen to your protests that you asked for support for security upgrades but were denied.