CBT XPress DoD 8570.1 Boot Camps
Department of Defense Directive 8570.1
In 2004, the US Department of Defense (DoD) established Directive 8570.1: Information
Assurance Training, Certification and Workforce Management. It requires that all DoD
information assurance technicians and managers are trained and certified to effectively defend
DoD information, information systems and information infrastructures.
DoD 8570.01-M. DoD Approved Baseline Certifications
| IAT Level I | IAT Level II | IAT Level III |
| CompTIA A+ CompTIA Network+ (ISC) |
GSEC CompTIA Security+ SCNP (ISC) |
CISA (ISC) GSE SCNA |
| IAM Level I | IAM Level II | IAM Level III |
| GISF GSLC CompTIA Security+ |
GSLC CISM (ISC) |
GLSC CISM (ISC) |
How does the mandate impact contractors doing business with DOD? DOD officials recently added a clause to the Defense Federal Acquisition Regulation Supplement (DFARS) that will require any company bidding on new DOD information technology (IT) contracts to have 8570-compliant personnel. The agency is currently asking for public comment on the clause, though a few requests for proposals (RFPs) and requests for quotes (RFQs) are already incorporating the new language.
What is the significance of this mandate and of commercial certification in general? This mandate will have far-reaching implications, including:
- The Directive is viewed as a government endorsement of the effectiveness and costefficiency of commercial certification.
- It provides military and civilian personnel with a certification that is professional, internationally recognized and vendor-neutral (not tied to any agency, technology or product).
- It provides a portable certification that is recognized in both the public and private sectors.
- It mandates and endorses a global standard (ANSI/ISO/IEC 17024).
- It positions the information security profession as a distinct job series.
Are there different certification
requirements for managers than for technically oriented information assurance or information security personnel?
Yes. There are six categories outlined in the Directive matrix with different roles and responsibilities and different certifications applicable for each category. Information assurance personnel must be certified under a credential that meets the criteria laid out in these six matrix categories. Managers must meet the certification requirements outlined under the Technical III (T3) and all Management categories (M1, M2 and M3). Technical personnel must meet the certification requirements outlined under the Technical I (T1) and Technical II (T2) categories (see chart above.) The DOD 8570.1M Manual states that additional certifications will be added in the future.
CompTIA Certifications for D8570.1: The DOD Directive 8570.1 Implementation Manual has an approved list of certifications to meet the DOD D8570.1 requirements: CompTIA A+ Certification, Network+ Certification and Security+ Certification are included. CompTIA certification programs receive worldwide use and recognition and are built with the knowledge of industry leaders from the public and private sectors, including training, academia and the government.
Corporate/Government On-Site Training – We Come to You!
If busy schedules don’t allow your staff to come to us, CBT XPress provides on-site IT Boot Camps for corporations and military
facilities. We’ll bring our certified training instructor and test proctor right to your location to offer you the same one-on-one
coaching and immediate testing for your convenience. Contact us for more information.
CBT XPress is a proud member of CompTIA and an authorized Pearson VUE® and Prometric Mobile Testing Center. Using the speed and reliability of the Internet, your computer-based tests are downloaded and ready when you are. By taking the tests on-site, your results are promptly and accurately provided to CBT XPress. Best of all, Pearson VUE’s tamper-proof web digital embosser protects your certification and Prometric’s best-in-class security protects the integrity of your score.
