CPB2011: Fix the fundamentals first
By A. Asohan May 14, 2012
- Major disconnect between opponents and proponents
- Proposed Bill ignores fundamental flaws
LET’S get off the bat right away: There is nothing wrong with what the Computing Professionals Bill 2011 (CPB2011) purports to aim for and address — upgrading the quality of such professionals, and safeguarding information networks deemed critical to the nation by bringing in new levels of accountability and scrutiny.
Anybody who works in, or with, the Information and Communications Technology (ICT) industry would probably agree with the spirit behind the proposed law.
These are perhaps the only areas in which the proponents of the Bill and the larger technology community agree on. What they do not agree on is a matter of first principles: That is, whether there is the need for legislation, and whether the proposed Bill actually addresses these areas or merely applies a Band-Aid to cover deep-rooted wounds in Malaysia’s ICT ecosystem.
The CPB2011 calls for, among other things, the formation of a national body called the Board of Computing Professionals Malaysia (BCPM). This board would register and certify ICT professionals, evaluating their qualifications and credentials.
But it’s all about the fundamentals; the devil’s in the details — choose your favourite catchphrase here. There is an essential schism between the proponents and opponents of the Bill. It does not help that the proponents have misread the objections of the tech community as the vocal response of a few.
It is not; it is in fact the microcosmic reflection of the entire community.
In a December 17 interview with The Edge’s [email protected], Professor Zaharin Yusoff, who served as the alternate chairman to the group that is working on the Bill, described those opposing it as “a minority group who happen to be mostly involved in the social media space, thus giving the appearance of widespread anger towards the proposed BCPM.” He also accused them of not seeing the bigger picture.
So do let us look at the bigger picture.
First, there is something fundamentally wrong with our education system. At the Ministry of Science, Technology and Innovation’s (MOSTI) “open day” dialogue on the Bill last week, one ICT business owner said he has interviewed Computer Science graduates with little or no knowledge of programming.
One only has to look at the course modules of the Bachelor of Information Technology (Computer Science) programme offered by Universiti Kebangsaan Malaysia (as one example only) to see this: Very little programming.
Also, after 12 years of primary and secondary school education, why do our university students still require “Foundation English”? At the university level, if you’re still studying English, it better be to understand the psychology and motivations of Hamlet, not how to speak and communicate in the lingua franca of the tech world, or indeed, the world at large!
That particular course is required by the Faculty; among the courses required by the university are “Ethnic Relations” and “Islamic Civilizations and Asian Civilizations.”
While it is laudable that our universities want to produce well-rounded individuals, this could be better served by requiring students to take electives outside of their faculty and their undergraduate programme. And, of course, by abolishing the ethnic-relations-killing Biro Tata Negara programmes.
Zaharin and his team acknowledge this critical need to upgrade education, saying that the BCPM is just one part of a three-pronged strategy laid out in the ICT Human Capital Development Framework that was introduced in October last year. That initiative aims to “raise the overall quality of not just IT practitioners but also the profile of the profession so as to attract better quality students to the field.”
The framework document contends that “the situation is now critical as the country’s output of ICT graduates in terms of quantity and quality is woefully inadequate.”
At the MOSTI open day, another proponent, Datuk Halimah Badioze Zaman from the National Professors Council, complained that universities do not get the “cream of the crop” for their ICT programmes any longer.
She blamed the media for running stories in the late 1990s on how a large proportion of local ICT graduates could not get jobs and were, indeed, unemployable.
Never mind that she rewrote the laws of cause-and-effect of classical physics — grads could not get jobs, then the media ran their stories, not the other way round — but if there is a problem, fix the education system.
Where the proponents have failed is in showing how the formation of such a board and the passing of the CPB2011 can address this.
If you fix the education system, then you do not need the CPB2011; if you do not fix the education system, then the BCPM qualification becomes just another piece of worthless paper like the degrees and diplomas our tertiary institutions are churning out to meet some “knowledge worker” target for the nation.
As for the other aspects of the ICT Human Capital Development Framework, you do not need new legislation, just the political will to do what is right. This means the education and higher education ministries have to stop treating teachers and lecturers as vote banks and be prepared to kick some butt.
Then we come to the other aspect of the quality of ICT services being delivered to critical systems, coming under the vague term of Critical National Information Infrastructure (CNII), or “assets (real and virtual), systems and functions that are vital to the nation,” including media, healthcare, transportation and so on.
This seems to have been the CPB2011 proposers’ sales pitch to the government: Having such a Board would help ensure standards are maintained in these networks just as similar engineering and construction bodies have helped ensure stadium roofs do not collapse.
Oops, that didn’t quite work there, did it?
Ensuring quality in these networks is a goal worth striving for. It’s just that I am not convinced the CPB2011 will achieve that or even move us closer towards this target.
In fact, that goal may be better served by first specifically defining the CNII components that are covered, then ensuring — through the tender process, and in the case of government networks, Treasury approval — these networks comply with globally-accepted standards.
A host of standards body like the International Standards Organisation (ISO) offer such certification already, while there are best practices out there in the world that Malaysian government bodies can adopt — and many already do.
What MOSTI could do is work with other relevant ministries and bodies to come up with a minimum regime of standards that all CNII organisations must ensure are implemented in their information networks. In the case of government organisations, this can be mandatory; for private sector organisations, this can at least be highly recommended.
Using globally-accepted standards for the thousands of CNII networks surely would serve as a better, faster, less costly and relatively hassle-free vehicle to reach the targets the CPB2011 proponents say they are aiming for, rather than registering and certifying hundreds of thousands of ICT professionals who may or may not work on these systems at some point of their career.
It is about the networks, not the individuals.
Such a Bill would also threaten to kill off the Malaysian government’s Open Source Software (OSS) procurement preference policy. Except for offerings from some established companies like Red Hat and SUSE, a large proportion of OSS, especially community-created software, does not have any formal certification process.
How is the BCPM going to evaluate these offerings constantly and consistently to ensure they do not fall under the radar? It would be a massive undertaking that beggars the imagination. Add to that the fast-changing nature of ICT, I doubt the Board would be able to keep up.
The proposed CPB2011 is “big government” way of thinking, even if the original idea may have come from certain parties in the industry: Bureaucratic, procedure- and paperwork-driven, and costly in terms of manpower and finances.
To make the CPB2011 work at all, its formulators will have to explore every single education programme in the country to determine which graduates are covered, whether as Computing Practitioners or Computing Professionals as described in the Bill.
Someone who graduates with a medical degree is a doctor; an engineering grad is an engineer. A Computer Science grad is not necessarily a “computer scientist” — he or she may join the industry as a technical specialist, developer or even in the sales and marketing team.
And what about someone who graduates from a “creative multimedia” programme? Or that self-taught college kid who developed, in his bedroom, an iPad app for doctors?
To make the CPB2011 work would require spelling out every instance of where and when registration qualifies, and which professions and CNII networks (or parts thereof) it covers — all in intricate detail.
To do so would create such a voluminous document that it would make your typical tort textbook look like a flyer. Surely there are easier ways of achieving the stated objectives of the Bill than to unleash this monster on the ICT ecosystem?
This article appeared previously in The Malaysian Insider