Presentation is loading. Please wait.

Presentation is loading. Please wait.

IA Workforce Improvement Program

Published byMaximillian Bishop Modified over 9 years ago

Similar presentations

Presentation on theme: "IA Workforce Improvement Program"— Presentation transcript:

1 IA Workforce Improvement Program
Cybersecurity/Information Assurance Workforce Management, Oversight, and Compliance Chris Kelsall DON CIO, Director, Cyber/IT Workforce Ray Letteer HQMC C4, Senior Information Assurance Official LCDR Brooke Zimmerman CNO N2/N6, Information Dominance Community Manager Mike Knight NAVCYBERFOR, IA Workforce Program Manager Pete Gillis HQMC C4, Occupation Field Management Council Executive Board IA Workforce Improvement Program 22 September 2010 Briefed by Mary Purdy

2 Discussion Background Policies and Direction for Cybersecurity/IA Workforce (CS/IAWF) Management DON IAWF Management 2010 Requirements Management, Oversight and Compliance Site Review Checklist Tools to Assist in Compliance Command alternatives to address individual non-compliance of commercial certification requirements

3 Direction for IAWF Management :
Federal Information Security Management Act DODD “Information Assurance Training, Certification, and Workforce Management” DOD 8500 Series “Information Assurance” DOD M “Information Assurance Workforce Improvement Program” SECNAVINST M‑5239.3B “Information Assurance Policy” SECNAVMAN “IAWF Management Manual to Support IA WIP” DON CIO Z FEB 10 MSG, Subj: “Cybersecurity/IA Workforce Improvement Program Implementation Status/CY 2010 Action Plan” SECNAVINST , “IA Workforce Management, Oversight, and Compliance (signed on 19 Jun 2010) Service official messages Applies to civilian, military, local national, contractor; full time or “as assigned”; regardless of job series/occupational specialty

4 Impact of the “Cyber” initiatives on IA Workforce National Initiative for Cybersecurity Education (NICE) Cyberspace: (DoD) A global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers. Cybersecurity: “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communications, including information contained therein, to ensure its availability, integrity, authentication, confidentially and non-repudiation.” (NPSPD 54/HSPD 23) 1 IT Infrastructure, Operations, Maintenance, and Information Assurance 2 Domestic Law Enforcement & Counterintelligence 3 Specialized Cybersecurity Operations

5 Cybersecurity World Officer Enlisted Civilian 1,842 12,155 10,608 USN

6 DoD 8570.01-M Baseline Certifications
UNCLASSIFIED DoD M Baseline Certifications GCIH CAP CAP CEH CEH CEH CEH UNCLASSIFIED

7 DRAFT Update to Chapter 10 of DoD 8570.01-M

8 DON CIO Msg 021504Z FEB 10 - 2010 ACTIONS.
Ensure 100 % of personnel filling IAT and IAM billets certified by 31 Dec ‘10 Develop plan to meet OS/CE certification requirements. Training may be accomplished in service schools and a certificate may be awarded. Commercially certify 70 % of the CND SP AND IASAE Specialties by 31 Dec ‘10.  Ensure 5 % of commands receive a CS/IAWF inspection/ compliance visit in 2010.  Provide 2010 year end report electronically. Ensure annual IS user awareness training is augmented with command guidance. Ensure continuous learning is a standard business practice. Integrate tenets of CS/IAWF improvement into military operational exercises, the DRRS, METLs, PQS/OJT, and the IG check list. Develop headquarters level, red and blue team IAWF compliance visit methodology. Consolidate IA tasks into fulltime positions and reduce collateral duty. Fund DON mandated requirements through the POM process.

9 DoDD 8570.1 – Compliance/Policy Factors
Critical compliance requirements & accountabilities 4.1. All authorized users of DoD IS shall receive initial IA awareness orientation as a condition of access and thereafter must complete annual IA refresher awareness. 4.2. Privileged users and IA managers shall be fully qualified per reference (b), trained, and certified to DoD baseline requirements to perform their IA duties. 4.3. Personnel performing IA privileged user or management functions, regardless of job series or military specialty, shall be appropriately identified in the DoD Component personnel databases. 4.4. All IA personnel shall be identified, tracked, and managed so that IA positions are staffed with personnel trained and certified by category, level, and function. 4.5. All positions involved in the performance of IA functions shall be identified in appropriate manpower databases by category and level. 4.6 The status of the DoD Component IA certification and training shall be monitored and reported as an element of mission readiness and as a management review item per reference (b). IAMs team with HR, Personnel, & Training Officers to implement IA WIP.

10 SECNAVMAN 5239.2 IA WIP Site Review Checklist
Assessment & Gap analysis Site level review of IA WIP program plans, including documentation and procedures review. Method IA Workforce Management, IA Training, IA Certification Core Review Areas To assess the capability, performance and compliance against policies and requirements of DoDD and DoD M. Purpose Have IA and HR management personnel at the site level developed and implemented IA Workforce Improvement Program (IA WIP)? Critical Element DON Information Awareness Site Review Checklist On-site review to verify implementation & determine compliance status Target: 5% of commands per year

11 Actions to Become Compliant
Ensure civilian PDs contain requirement Ensure contracts contain contractor requirement Ensure positions are identified/tracked in Navy TWMS Use Carnegie Mellon Virtual Training Environment ( and/or NAVCYBER funded e-Learning ( Ensure individual’s info is in Defense Workforce Certification Application (DWCA) and Total Workforce Management System (TWMS)

12 Tools to Assist in Compliance
IA WIP Compliance/Assist Visits DoD Defense IA Program Naval Audit Service DON Headquarters level Service IA WIP Office of Primary Responsibility Inspector General DoD Command Cyber Readiness Inspection (CCRI) Red and Blue Team assist. Request IAWF Management Oversight and Compliance Council (IAWF MOCC) Leadership briefing to your leadership

13 The Command has options:
In the event an individual assigned to an IAWF position does not meet the C.C. compliance requirements: The Command has options: Issue a letter requiring performance improvement; Council/mentor/provide additional training Transfer the employee to a non-IAWF position; or DAA Grant waiver and additional time to meet requirement Terminate employment in accordance with established OCHR guidelines.

14 Summary: Cyber/IT Career Development Improving the Workforce through “Continuous Learning”

15 Background Information

16

17 Regarding IAWF civilians:
Per DoD M & SECNAV M the total force must obtain commercial certification to remain in the CS/IA workforce. Regarding IAWF civilians: Civilian personnel managers and supervisors must ensure: The position description (PD) and the HR hiring checklist contain the requirement to obtain commercial certification (C.C. ) as a condition of employment; Commanding Officer’s appointment letter may also state a C.C. is required to meet DoD M. Those with “privileged access” acknowledge IA and CE C.C. requirements; The C.C. process is provided; direction given for the IAWF member to take a C.C. pre-test, e-Learning, or VTE, and/or classroom training; The command offers remedial training if testing is unsuccessful; The supervisor mentors throughout the C.C. process; The command offers an employee the opportunity to take C.C. test three times; The individual’s supervisor counsels the individual as appropriate; The supervisor/IA professional meetings are documented; and The employee maintains C.C. currency in accordance with standard procedure.

18 DoD DFARS 48 CFR Parts 239 and 252 RIN 0750-AF52
Regarding Contractors: Defense Federal Acquisition Regulation Supplement; Information Assurance Contractor Training and Certification (DFARS Case 2006-D023). According to DoD AT&L PoC any change to an existing contract will need to be negotiated with the contractor. The corresponding guidance is posted to their website at This document requires "The designated contracting officer's representative (COR) to document the current information assurance certification status of contractor personnel by category and level, in the Defense Eligibility Enrollment Reporting System" (DEERS). However, the Defense Manpower Data Center (DMDC) is still developing the database/process to support this requirement so CORs cannot provide that information to DEERS at this time. (Look for upcoming DON CIO official message to provide DON guidance when DoD tool is ready. In the mean time report per service direction.)

Download ppt "IA Workforce Improvement Program"

Similar presentations

ETHICS AS CULTURE KEY ELEMENTS Stage One (primary) – Key Elements of a Culture of Ethics Appoint an ethics program manager to oversee your ethics-related.

ETHICS AS CULTURE KEY ELEMENTS Stage One (primary) – Key Elements of a Culture of Ethics Appoint an ethics program manager to oversee your ethics-related.
MONITORING OF SUBGRANTEES

MONITORING OF SUBGRANTEES
Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS 1 1 1.

Session No. 4 Implementing the State’s Safety Programme Implementing Service Providers SMS
29 May 01 1 Personnel Acquisition Demonstration Project (DEMO) Pay Pool Structure, Organization, & Management Prepared By: Barry Breen Edwards AFB, CA.

29 May 01 1 Personnel Acquisition Demonstration Project (DEMO) Pay Pool Structure, Organization, & Management Prepared By: Barry Breen Edwards AFB, CA.
Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.

Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.
Joint Contingency Contracting

Joint Contingency Contracting
BENEFITS OF SUCCESSFUL IT MODERNIZATION

BENEFITS OF SUCCESSFUL IT MODERNIZATION
Chapter 43 An Act Relative to Improving Accountability and Oversight of Education Collaboratives Presentation to Board of Elementary and Secondary Education.

Chapter 43 An Act Relative to Improving Accountability and Oversight of Education Collaboratives Presentation to Board of Elementary and Secondary Education.
4/29/2009Michael J. Cohen1 Practical DIACAP Implementation CS526 Research Project by Michael J. Cohen 4/29/2009.

4/29/2009Michael J. Cohen1 Practical DIACAP Implementation CS526 Research Project by Michael J. Cohen 4/29/2009.
SPēD Certification Program Executive Overview. 2April 2012Executive Overview Purpose Outline the SPēD Program Provide SPēD Program update Provide SPēD.

SPēD Certification Program Executive Overview. 2April 2012Executive Overview Purpose Outline the SPēD Program Provide SPēD Program update Provide SPēD.
Joint Personnel Adjudication System (JPAS) Overview

Joint Personnel Adjudication System (JPAS) Overview
Information Assurance (IA) - Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication,

Information Assurance (IA) - Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication,
Form I-9 Process An Online Training for Supervisors and Designees Presented by Human Resources Revised November 2009.

Form I-9 Process An Online Training for Supervisors and Designees Presented by Human Resources Revised November 2009.
NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.

NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.
Information Systems Security Officer

Information Systems Security Officer
Center for Health Care Quality Licensing & Certification Program Evaluation 1 August 2014 rev.

Center for Health Care Quality Licensing & Certification Program Evaluation 1 August 2014 rev.
IA CERTIFICATION TRAINING AND CONTINUING EDUCATION OPPORTUNITIES IN THE LOCAL AREA PRESENTER: DEBORAH J. SINCLAIR, Ph.D. Standard Technology, Incorporated.

IA CERTIFICATION TRAINING AND CONTINUING EDUCATION OPPORTUNITIES IN THE LOCAL AREA PRESENTER: DEBORAH J. SINCLAIR, Ph.D. Standard Technology, Incorporated.
Supplier Ethics: Program Checklist

Supplier Ethics: Program Checklist

Similar presentations

Ads by Google