Credentialing Management Systems: Key Considerations
By Colin Biddle, Construction Management Association of America (CMAA)
All credentialing organizations handle a flurry of information. An effective credentialing body manages applications, examinations, maintenance of credentials and possibly even more. Credentialing professionals need a system to tie all this information together and deliver services securely to candidates, credential holders and the public. This system can take many different forms. A credentialing management system (CMS) is any platform or group of platforms used to manage, administer or maintain a professional credentialing scheme. This article will examine the key concepts for creating the right CMS to manage your organization’s information needs.
There is no one-size-fits-all approach to this topic because no two credentialing organizations have the same business needs. However, there are three basic overarching themes that all credentialing organizations should consider when planning a new CMS:
- What are the necessary components of your CMS
- How to protect/manage CMS data
- How to implement CMS changes
These topics are each explored below. Some important questions are included to help guide your decisions during the planning stages and find the right system or combination of systems that are appropriate to your organization. You or your staff may struggle to answer some of these questions, so it is vital that all relevant stakeholders participate in the planning process as early as possible to find the best solution.
Please note that this article assumes most organizations will choose digital tools for their CMS, but organizations might learn during planning that there are “analog” paper-only or hybrid (electronic and paper) solutions that are better for their circumstances. For example, credentials with performance-based examinations in which candidates submit physical items for evaluation might require organizations to keep physical records. The questions below may still help these organizations.
Credentialing organizations that wish to develop a new CMS must first carefully consider what options they need and want. There are many possible features of a CMS and applicants, candidates, credential holders, staff and the public could all interact directly or indirectly with parts of the CMS. Choosing the right components are necessary to accomplish your organization’s goals.
Some common CMS components include:
- Applications (initial applications and maintenance/renewal applications)
- Item bank
- Test delivery/proctoring
- Association management system (AMS)
- Learning management system (LMS)
- Credential verification systems (website registry, digital badging, etc.)
- Administrative systems (staff records, governance processes, accounting/finance, etc.)
Organizations may decide to combine components into one system for efficiency or leave them as separate systems in the interest of security, time or money. If a CMS consists of separate systems, each component may be a different piece of software, a separate vendor or a paper-only analog system maintained by staff.
Organizations that choose a digital CMS often select web-based, software as a service (SaaS) databases. Many SaaS systems allow staff and other stakeholders to access the CMS through the web browser on any computer with an internet connection. SaaS systems can dramatically increase efficiency and are standard in many businesses, but organizations should still carefully consider the potential security risks.
Given the variety of possible features, credentialing organizations should ask the following during the CMS design process:
- What is our primary goal (best user experience, lowest cost, quickest to deploy, integrates with other software we already use, etc.)?
- Are there existing systems (an AMS, LMS, etc.) that our organization already uses that we can “piggyback” on to accomplish our goals?
- Do applicants, candidates and credential holders need access to all features?
- Does staff need access to all features?
- Are there components that we may need to add in the future? If so, what do we need to do now to make them possible later?
- (If selecting digital components) Do these services meet our IT security requirements?
- (If using multiple platforms) Do all components need to connect to each other, or may some be independent?
- For example, after a candidate is approved for an examination, should the system automatically send an eligibility notification to a test administration vendor? Should a credential holder receive a digital badge automatically after they pass the exam?, etc.
- (If connecting multiple platforms) Do these components all support integration?
- (If connecting multiple platforms) What support do we need from the vendor/our IT team to complete the integration?
Organizations must take appropriate steps to protect data during the planning process and throughout the lifespan of a CMS. The right CMS can support an organization’s policies and procedures by restricting access to sensitive data with methods like password protection, encryption, limiting user permissions, etc. These measures should reflect the size, complexity and types of credentials that each organization offers, as well as relevant laws governing data privacy and personnel involved with credentialing decisions.
Common types of CMS data can include, but are not limited to:
- Information in candidate applications
- Examination results
- Certificate dates
- Examination items
- Examination item statistics
- Examination forms
- Job task analysis results
Good data reporting tools are also critical for managing CMS data and should be considered as early as possible in the decision process. Many systems generate detailed reports to make key business decisions, so organizations should understand what information they need and how to access it from the CMS.
To make the best decisions for their CMS data, organizations should consider the following:
- Which vendors/staff need which data?
- Who can see data?
- What data is proprietary?
- Are data stored in the cloud or on a shared drive?
- What is the physical location of the server(s)?
- Who legally owns the data?
- What agreements are in place to protect the validity/security of data?
- What agreements are in place to protect the objectivity of staff and vendors who have access to data?
- What recovery plans are in place to protect loss of data?
- What security measures are appropriate to our business environment to protect our data?
- What reporting tools are available for our data?
- How do we export data from the system?
After a credentialing organization understands their design and data needs, it is necessary to form a plan to construct and launch their new CMS. For this stage, credentialing organizations should conduct a realistic assessment of their own resources, stakeholder expectations and timeline. “Scope creep” can threaten the project with unnecessary delays or expenses during implementation, so organizations must remain focused on their project goals and remember the adage, “perfect is the enemy of good.”
There are multiple methods for building and releasing a CMS. Credentialing organizations might choose one of the following options:
- Option 1: Purchase an “out of the box” CMS system from a software vendor. This is usually the quickest and most inexpensive implementation solution. Vendors also offer a wide variety of features and continued technical support after the CMS is deployed. However, these systems usually still require some customization. Your organization also would typically have less control over design, testing and release.
- Option 2: Use your organization’s IT team to develop your own custom CMS. A custom system allows organizations to have the greatest possible control of the design, user experience and integrations with other systems. It is also a major investment of time and money, which may be prohibitive for organizations that do not have enough IT staff to dedicate to the project.
- Option 3: Combine options 1 and 2. Assign your IT staff to work directly with a vendor or hire an outside IT consultant to work with the vendor for you. This approach mitigates some of the risk but requires the software vendor and your organization’s IT team/consultant to collaborate effectively.
Critical considerations for CMS implementation include:
- Do out of the box systems offer what we need or do we need to develop our own?
- Who should participate in the requirements, design, testing and implementation?
- Do we have the existing staff to support this project or do we need an outside consultant to assist?
- When using an outside consultant, have they worked with this type of CMS or software vendor before?
- What are the risks?
- Who is responsible for managing risk?
- What is our budget?
- What is our timeline?
- How prepared are we for unexpected costs and delays?
- What contingencies do we need in our budget and schedule in case there are surprises?
- What ongoing technical support will be necessary after the CMS is deployed?
- After the CMS launches, will our organization have the resources to fix software issues, add customization and train staff for the CMS or will we need an outside vendor to assist?
Creating a new CMS may seem like a daunting project for credentialing organizations, but by carefully considering your organization’s requirements at the beginning of the process it is possible to build and launch a successful CMS. It is critical to involve your relevant stakeholders from the beginning and understand what problems you are trying to solve. Ultimately, a successful implementation will result in a unique system (or combination of systems) that meet(s) the needs of your applicants, candidates, credential holders, staff, the public and other stakeholders.