== Professional knowledge, certification, and regulation It started with [[a tweet by Matt Simmons https://twitter.com/standaloneSA/status/400967972883546112]] that [[got a reaction from me https://twitter.com/thatcks/status/401025667309248514]]. Before I write a bunch of entries on this (instead of trying to cram even more complex thoughts into 140 characters) I want to talk about the significant differences I see between three basic things that are being talked about here (in general). A body of professional knowledge is what it sounds like; in the case of system administration, it's some version of our accumulated experiences and wisdom. For now let's pretend that this body of knowledge will be descriptive ('when people did X this is what generally happened') instead of prescriptive ('do X instead of Y') and thus basically uncontroversial. I think that accumulating a body of knowledge is a noble endeavour but I also think that it's a lot of work, which means that it's not going to happen unless people find some way to pay for it. (It's not enough for us to blog; blogging is to an established body of professional knowledge as research papers are to science textbooks. To have a real body of knowledge we need the equivalent of a textbook that people agree on. Putting everything together to create it is where a good part of the thankless hard work is.) Certification sits on top of some body of professional knowledge. I see three broad levels of certification: certification that you have been exposed to the professional knowledge (this is the 'I got training' level of certification), certification that you know the professional knowledge, and certification that you can properly apply the professional knowledge. The latter sort of certification is the most useful to businesses, hiring managers, and so on (because it's what they really care about), but it also places a demand on the professional knowledge. To be able to meaningfully certify this you must be able to pose questions that have a (theoretically) objective correct answer and an incorrect answer, because that's what it takes to test people on it. This is fine for certain sorts of professional knowledge, where there already really is only one correct answer (eg, 'how do you use command X to do Y'). However it's my view that this is the least interesting thing to certify and what people really want to certify is much higher level and correspondingly much fuzzier about 'correctness' in its natural state. (At this point I will note that a university degree is not certification in this sense. If it was we would not have all these stories about Computer Science graduates who can't program worth beans.) Regulation is a significant step beyond mere certification where you basically get punished for not being certified or not doing things in the certified way, whether this is directly (by law) or tacitly (eg by increased liability). Unlike professional knowledge or certification, regulation is not something that can be done purely within a profession; it intrinsically needs the outside world to play along. Generally the outside world is at least a bit sceptical so this takes quite a bit of work one way or the other. (The easiest way to get the outside world to care is for clearly slipshod work to kill people.) As I see things there are major gulfs between all three of these things. The gulf between certification and regulation is obvious. The gulf between professional knowledge and strong certification is the distance from having 'best practices' to reaching consensus that some options are never valid.