What is DoD 8570?
8570 provides guidance and procedures for the training, certification, and management of the DoD workforce conducting Information Assurance functions in assigned duty positions. It also provides guidance on reporting metrics.
What agencies are affected by 8570?
- Office of the Secretary of Defense
- Military Departments
- Chairman of the Joint Chiefs of Staff
- Combatant Commands
- Office of the Inspector General of the DoD
- Defense Agencies
- DoD Field Activities
- all other organizational entities in the DoD
Who is affected by 8570?
Any full- or part-time military service member, contractor, or local nationals with privileged access to a DoD information system performing information assurance (security) functions — regardless of job or occupational series.
The manual, 8570.01M, specifies that the Department of Defense requires approximately 110,000 identified Information Assurance professionals to be certified within a five year time period. The Defense Information Assurance Program office has divided its Information Assurance workforce into six defined categories (see chart below). The manual also specifies the types of commercial information assurance credentials that qualify for each of the defined categories.
When is 8570 effective?
8570 is effective immediately and is mandatory for use by all of the DoD Components.
Where can I find more information from the Department of Defense on the requirements?
Visit the DoD IASE website at: http://iase.disa.mil/eta/index.html#8570training (.mil or .gov only). If you cannot access the DoD website call the Defense Information Assurance Program Office at 703-604-1480×112 for additional information.
Where can I find the 8570 Manual?
- Identify all positions performing information system management (IA Management) or privileged access (IA Technical) IA functions by category and level
- This applies to all positions with IA duties, whether performed as primary or additional/embedded duties (full or part-time)
- Train, certify, and obtain the proper security clearance for all personnel (IA Technical & IA Management) identified as part of the IA workforce to accomplish their IA duties
- Personnel identified as IA Technical Personnel (IATs) and part of the IA Workforce must obtain and maintain IA & Computing Environment professional certifications.
- Personnel identified as IA Management Personnel (IAMs) and part of the IA Workforce must obtain and maintain IA professional certifications.
- The certification requirements apply to DoD civilian employees, military personnel, local nationals, and support contractors performing IA functions either full or part-time
What are the DoD Approved Certifications?
Per Table AP3.T2, here are the “DoD Approved Baseline Certifications:”
Which courses align with “DoD Approved Certifications”?
Technical Level Certification Name
IAT Level II Security+
IAT Level II CISSP® – Certified Info. Systems Security Professional
IAT Level III CISSP® – Certified Info. Systems Security Professional
Management Level Certification Name
IAM Level I Security+
IAM Level I CISSP® – Certified Info. Systems Security Professional
IAM Level II CISSP® – Certified Info. Systems Security Professional
IAM Level III CISSP® – Certified Info. Systems Security Professional