An Ounce of Prevention – A Test Security Play
By Dr. John Fremer, Ph.D., President, Caveon Consulting Services
Fremer, a conscientious test security consultant
Certification Manager, a conscientious certification program manager
Fremer – “Have you had a chance to look at our Caveon Test Security Audit proposal?
Cert (A Certification Program Manager) – “I have. And, I also spoke with several of your clients and got good feedback. However, we have decided not to move forward at this time. Our Board is pressing us to cut operating costs and my Director is certain that any proposal viewed by the Board as a discretionary expense will not be approved.”
Fremer – “I am a little disappointed, but if you decide later that you need help, we will be there for you.”
Cert (on phone) – You are telling me that we have had tips from several sources that our items are being sold at test prep sites! How serious is it? That bad, yikes! …wait but don’t hang up; I have another call coming in from my boss.
(Second call) “Yes, boss, sorry to keep you waiting. You say that one of our subject matter experts has found our pool for sale on the Internet! How many items? The whole pool!! This is disastrous – I will get my whole team together and we will size up the problem and figure out what to do, immediately.”
Fremer (on phone) – “Hi Cert, good to hear from you. How can I help you?”
Cert – (with urgency in the voice) I need Caveon’s assistance right away. We have had a major security breach. Our entire operational pool may be compromised. Can you help us figure out how much damage has been done and how we can best recover?
Fremer – Absolutely, with that level of possible compromise, there are several steps you should consider, some are fairly costly. Do you have management and Board support for the financial costs?
Cert – We will spend whatever it takes. Our program’s reputation is at stake. We need to publish a replacement test that people can trust as soon as possible.
Editorial Notes –
- Some money spent “up front” on prevention would have been a good investment as hindsight makes clear.
- Notice that Fremer did not say “I told you so.”
- All aspects of test security are critical: Protect, Detect, Respond, and Recover.
Caveon’s core mission is to help you strengthen exam security and help you deliver tests fairly, securely, and with integrity.