Quality is critical to business school deans around the world—in their educational offerings and in the students they recruit and graduate. Recently, in conversations with deans at meetings, conferences, and in their offices, I’ve noticed an increasing emphasis on the value of test security in helping to ensure and maintain that quality. As one dean commented to me, “I look to the GMAT® to help me find the very best candidates, and therefore its integrity is of paramount importance.”

In fact, that integrity is critical to GMAC as well. We are both vigilant and assertive in our commitment to maintain the absolute integrity of the GMAT exam. To that end, we’ve developed a multi-tiered approach to its security that emphasizes prevention, detection, and enforcement.

A critical component of this approach is the test’s computer-adaptive format. If an examinee answers a question correctly, a more difficult question is provided. If an examinee answers a question incorrectly, a less difficult question is provided. The algorithms that tailor the GMAT to a test taker’s abilities also enhance test security because no two test takers see the same test. This sets up a significant obstacle to would-be cheaters intent on memorizing test questions. Computer Adaptive Testing (CAT) also enables us to “mask” items—the CAT process automatically prevents someone who is retaking the GMAT from again receiving a test question they may have seen before. We frequently change the pools of GMAT test questions used in actual testing to set up another barrier to possible memorization.

The power of biometrics helps ensure that test scores in fact reflect the ability of the person who is representing those scores as his or her own. Test sites require that each GMAT examinee provide a digital signature and photograph when he or she first checks in to take the exam. Additionally, each test taker must provide a fingerprint. (A fingerprint match is required every time he or she re-enters the testing room.) The signature, photograph, and fingerprint become a permanent part of a test taker’s record.

Test Center Precautions
On the detection front, our more than 400 test centers around the world adhere stringently to a standard set of regulations that are designed to ensure test security. Audio and visual devices monitor test-takers throughout the testing experience. Possible violations are documented and subsequently investigated through an incident management report system.

The GMAT scores of candidates with confirmed violations—even minor ones—are invalidated. Violators are placed on a watch list for special attention should they return to take the test a second time (and pay again). In some instances, we may prevent the candidate from testing or even file criminal or civil proceedings.

As part of our security efforts, we also ask test takers to report all instances of suspected cheating and other inappropriate behavior. We maintain a confidential tip line where individuals can—and do—report evidence of suspected cheating, which we then investigate.

Other methods include the GMAC version of a retail store’s “secret shopper” program. “Spies,” under the guise of regular test takers, visit test sites around the world to monitor processes, test the integrity of the test administrators, and look for problems and security weaknesses. This year we have intensified this operation, particularly in countries that we have identified as risk areas.

Through data forensics, we analyze patterns of test-taker behaviors for signs of cheating. These might include, for example, two or more people using the same credit card to take the GMAT exam, or multiple parties giving the same address. Similarly, we assess the repeat test-taker whose score has risen dramatically more than the average, or an examinee with an extremely high score who elects to retake the GMAT exam.

Fraud on the Web
Knowing that some who are intent on GMAT fraud troll the Internet for GMAT questions, we use proprietary software to ferret out illegal posts of test questions. When we find these sites, we issue a “cease and desist” letter, followed as necessary with prosecution. Names of individuals using these sites that turn up as part of our investigation are matched against GMAT test-takers’ profiles. In some instances, we have revoked the test scores of individuals and barred them from ever taking the GMAT again. Any business school to which the individuals have sent test scores are also informed.

To dissuade those who might be tempted to look for questions online, we post anti-cheating messaging at URLs that they might find in such a search (see, for example, www.livegmatquestions.com). We also reinforce our anti-cheating messaging and underscore GMAT nondisclosure agreements when we send letters confirming an individual’s appointment to take the GMAT test.

In short, GMAC takes seriously the interests and needs of business schools on the security front. We can’t change the decision of an individual to commit fraud, but we can and do take every measure possible to root out, investigate, and if necessary prosecute any evidence of misconduct related to the GMAT exam. Our mandate is nothing less than to employ constant vigilance and assertive action to ensure the absolute integrity and security of the GMAT and the best interests of quality graduate management education.