Department of Defense Directive 8570.1 Certifications needed

Department of Defense Directive 8570.1

In 2004, the US Department of Defense (DoD) established Directive 8570.1: Information Assurance Training, Certification and Workforce Management. It requires that all DoD information assurance technicians and managers are trained and certified to effectively defend DoD information, information systems and information infrastructures.

CompTIA Certifications for D8570.1: The DoD Directive 8570.1 Implementation Manual has an approved list of certifications to meet the DoD D8570.1 requirements; CompTIA A+, Network+ and Security+ are included. CompTIA certification programs receive worldwide use and recognition, and are built with the knowledge of industry leaders from the public and private sectors, including training, academia and the government.

* CompTIA A+
* Network+
* Security+

How does the mandate impact contractors doing business with DoD? DoD officials recently added a clause to the Defense Federal Acquisition Regulation Supplement (DFARS) that will require any company bidding on new DoD information technology (IT) contracts to have 8570-compliant personnel. The agency is currently asking for public comment on the clause, though a few requests for proposals (RFPs) and requests for quotes (RFQs) are already incorporating the new language. Industry observers expect the new clause to take full effect in summer 2007.

What is the significance of this mandate and of commercial certification in general? This mandate will have far-reaching implications, including:

* The Directive is viewed as a government endorsement of the effectiveness and costefficiency of commercial certification.
* It provides military and civilian personnel with a certification that is professional, internationally recognized and vendor-neutral (not tied to any agency, technology or product).
* It provides a portable certification that is recognized in both the public and private sectors.
* It mandates and endorses a global standard (ANSI/ISO/IEC 17024).
* It positions the information security profession as a distinct job series.

Are there different certification requirements for managers than for technically oriented information assurance or information security personnel?

Yes. There are six categories outlined in the Directive matrix with different roles and responsibilities and different certifications applicable for each category. Information assurance personnel must be certified under a credential that meets the criteria laid out in these six matrix categories. Managers must meet the certification requirements outlined under the Technical III (T3) and all Management categories (M1, M2 and M3). Technical personnel must meet the certification requirements outlined under the Technical I (T1) and Technical II (T2) categories (See Chart Below.) The DoD 8570.1M Manual states that additional certifications will be added in the future.

This pretty much covers the certifications that the military dod initiative is demanding.

Second level Demands Comptia Security + the rest of the certifications they are looking for are the security related certifications which I have put again below

IAT Level I
A+
Network+
SSCP

IAT Level II
GSEC
Security+
SCNP
SSCP

IAT Level III
CISA
CISSP
GSE
SCNA

IAM Level I
GISF
GSLC
Security+

IAM Level II
GSLC
CISM
CISSP

IAM Level III
GLSC
CISM
CISSP

DoD 8570.01-M, Table AP3.T2. DoD Approved Baseline Certifications

The future is now people as the govt goes so goes IT.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

JDMurray

And the purpose of your posting is...?

mamono

He maybe posting this as a reference to all the talk in recent CompTIA Security+ posts about the DOD 8570 compliance... maybe?

robertguess

mamono wrote:

He maybe posting this as a reference to all the talk in recent CompTIA Security+ posts about the DOD 8570 compliance... maybe?

JD you dont believe this is relevant important information for people??

This shows how important security certifications are becoming and shows people getting into the field how important and recognized the comptia certifications of A+ network + and security + are??

I do not know what your asking. This was just information I was trying to share so people knew what DOD and consultant companies would be looking for now and in future. Which might help some people find jobs. What certifications can help them in this regards etc..

LarryDaMan

robertguess wrote:

mamono wrote:

He maybe posting this as a reference to all the talk in recent CompTIA Security+ posts about the DOD 8570 compliance... maybe?

JD you dont believe this is relevant important information for people??

This shows how important security certifications are becoming and shows people getting into the field how important and recognized the comptia certifications of A+ network + and security + are??

I do not know what your asking. This was just information I was trying to share so people knew what DOD and consultant companies would be looking for now and in future. Which might help some people find jobs. What certifications can help them in this regards etc..

Maybe the reaction was because there was no intro, just a big cut and paste. Maybe if it was preceded by a "Hey guys, I am posting this because I thought it would be useful", you wouldn't have gotten that reaction.

I am sure this has been posted before, I think even by JD.

LarryDaMan

LarryDaMan wrote:

I am sure this has been posted before, I think even by JD.

Yep. JD posted this two years ago!

http://www.techexams.net/forums/viewtopic.php?t=16267

Link to the article appears to be broken, but a forum search will reveal lots on 8570.

JDMurray

It smacked of an advertisement for a product or service, which is not allowed here.

And yes, searching the forums for "8570" shows that the topic has come up before. It's hardly new news. It's one of the reasons why the cost of the Security+ exam has increased so much in price.

robertguess

I am sorry new to board. But how is this an advertisement of any type??

I honestly just thought was relevant good information for your board and people. To just see what is going on in industry. I truly believe this will be wave of future but nothing is in stone. I think this solidifies all of you who've worked hard achieving your comptia certifications.

To those who have them congratulations to those who work on them good luck:)

I am just here to chat meet some people. Seemed a nice site some very good people.

I am sorry I didn't know to search first before posting something.

To me this is huge I dont even have the word? Comptia people used to ask what does it mean( I am on boards) they ask is it worth it.

Before would have said yep for someone new to field. Who needs to get basic networking down. Now to me it has justification based on this directive. Not just a+ because of warranty information but also network + and security +

I would not have been able to answer is Network + worth it. I honestly told most who had background in networking to just go to MCP or MCSE route.

Now because of this one thing I no longer say that. I think is relevant and getting more and more recognized and accepted daily.

This is a great thing for all of the people who have worked their tails off achieving these credentials.

networker050184

The reaction your post received was not because you posted information that has been posted already, it was the format of the post. You didn't give any kind of explanation or anything. It was a simple copy and paste which wreaks of a spam advertisement.

I'm sure everyone appreciates you sharing info, next time just add an opening like "I found this thought it was good information..." or something along those lines.

Oh, and welcome to the forums!