DoD 8570

INFORMATION ASSURANCE (IA) TRAINING, CERTIFICATION, AND WORKFORCE MANAGEMENT

About the DoD 8570.1 Directive
The DoD 8570.1 Directive requires that any DoD civilian, military or contract personnel who hold elevated privileges on a DoD system or network obtain a commercial certification within 6 months of filling the position that requires that access. You can obtain the directive here: DOD 8570

 




 

First, the certifications for technical people:

  • A+: CompTIA's basic system administration cert

  • Network+: CompTIA's basic network administration cert

  • TICSA: TruSecure ICSA (formerly International Computer Security Association) Certified Security Associate

  • SSCP: Systems Security Certified Practitioner, an (ISC)2 certification that just received ANSI accreditation -- a requirement for all of the vendor-neutral certifications

  • GSEC: GIAC (Global Information Assurance Certification, formerly Global Information Assurance Center) Security Essentials Certification, a SANS entry-level certification

  • Security+: basic security

  • SCNP: Security Certified Network Professional, offered by the Security Certified Program

  • CISSP: Certified Information Systems Security Professional from (ISC)2, which is also ISO/IEC 17024 certified.

  • SCNA: Security Certified Network Architect, another SCP cert I've never seen before

  • CISA: Certified Information Systems Auditor, offered by the Information Systems Audit and Control Association (ISACA); also ANSI-certified.

  • GSE: GIAC Security Expert

Here are the certifications for managers, only listing those not covered above:

  • GSLC: SANS GIAC Security Leadership Certification

  • GISO: SANS GIAC Information Security Officer; this is already obsolete, replaced by the GSLC or GISF

  • CISM: Certified Information Security Manager, another ISACA cert