Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire.

Agenda
- What is it?
- Why
- Governance
- What is available
- Courses Available
- Certification
- How (unique requirements)
- DACUM Process
- Questions

Just In Time Training What you need…when you need it.

Governance
- Computer Security Act of 1987/Public Law
  - Mandatory periodic training of personnel who manage, use, or operate Federal computer systems
- Committee on National Security Systems (CNSS) Issuances
  - NSTISSD 500 (ISS INFOSEC ATE), 501 (National Training Program for ISSPs), 4011 (Training Standard for INFOSEC Profs), 4012 (National Training Standard for DAAs), 4013 (Std for SysAdmins), 4014 (Std for ISSO) and 4015 (Std for Certifiers)

Governance (continued)
- Information Assurance, DoD Dir
  - DoD shall train for computer network defense
  - All personnel authorized access to DoD information systems shall be trained in accordance with DoD and Component policies and requirements and certified to perform IA responsibilities
  - Develop and promulgate IA policy related to training
  - Develop and provide IA training and awareness products
  - NSA shall develop, implement and oversee an IA education, training and awareness program for users and administrators of DoD cryptologic SCI systems

Governance (continued)
- DoD Directive (continued)
- DoD Components shall ensure IA awareness, training, education and professionalization for personnel developing, using, operating, administering, maintaining, and retiring DoD information systems
- Supplanted DoD Directive
- NSA - Train DoD Components in evaluation techniques
- JCS - Educate and train at NDU
- Establish training and awareness program for all DoD civilians, military and contractor personnel accessing information systems
- Training and awareness program shall be established

Governance (continued)
- OMB Circular A-130
  - Information resources management means the planning, budgeting, organizing, directing, training, and administrative control associated with government information resources.
  - Provide training and guidance as appropriate to all agency officials and employees and contractors regarding their Federal records management responsibilities

Governance (continued)
- OMB Circular A-130
  - The agency knows a substantial portion of users have ready access to the necessary information technology and training to use electronic information dissemination products
  - Develop and conduct training programs for Federal personnel on information resources management including end-user computing
  - Establish personnel security policies and develop training programs for Federal personnel associated with the design, operation, or maintenance of information systems
- Privacy Act Training
  - Agencies must plan for incorporating policies and procedures regarding computer security, records management, protection of privacy, and other safeguards into the training of every employee and contractor.

Courses
- Operational Information Assurance Curriculum
  - (U) INTRO TO COMPUTER SECURITY (web based)
  - (U) OPERATIONAL INFORMATION ASSURANCE PART1 (web based)
  - (U) OPERATIONAL INFORMATION ASSURANCE - PART II (ILT - offered monthly)
  - (U) COMPUTER SECURITY FOR SUPERVISORS (web based)
  - (U) NSA/CSS INFORMATION SYSTEMS CERTIFICATION AND ACCREDITATION PROCESS (NISCAP) (ILT - offered quarterly)

Courses (Continued)
- Malicious Code (Under Development)

Required Training
- Introduction to Computer Security
- Computer Security for Managers
- Operational Security

Training Plan
- Awareness Initiatives
  - Presentations
  - Posters and Trinkets
- Training Initiatives
  - Courses/Curriculum

What is available?
- Colleges and Universities
- Commercial Institutions
- Department of Defense
- Federal Institutions

How - Unique Requirements
- Develop a Curriculum (DACUM) Process
  - Phase I
    - Participants
    - Job Description or Focus Statement
    - Tasks, Knowledge and Skills
  - Phase II
    - Units of Instruction
    - Course Content

DoD Directive 8570 (DRAFT)
- Information Assurance Training, Certification and Work Management (Draft)
  - Train and certify IA Workforce

Questions?