Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Assurance Workforce (IAWF)

Published byOswald Andrews Modified over 9 years ago

Similar presentations

Presentation on theme: "Information Assurance Workforce (IAWF)"— Presentation transcript:

1 Information Assurance Workforce (IAWF)
Presented by: James Perkins Director, IT Workforce and Training 17-19 February 2011 IA Workforce

2 Learning Objectives Recognize the IAWF references
Learn the identification, tracking, and management of the IA Workforce Apply procedures for training resources 17-19 February 2011 IA Workforce 2

3 Agenda IAWF References/Background Identify IAWF Manage IAWF
Tracking IAWF IAWF Development Certification Process Training Resources Points of Contact Questions 17-19 February 2011 IA Workforce 3

4 IAWF References/Background
DoD M SECNAV M BUMED INST 5239.xx NAVMED Policy Memo DoD and DON have established standard procedures for some processes, such as: Applying for and receiving IA baseline certification training Applying for and receiving an exam voucher Registering for an exam End of Refs: NAVMED procedures for achieving and documenting IA Certification compliance are based on DoD policy, DON policy and procedure, IAWWG direction and resources, and the requirements of the NAVMED IA workforce. End of procedures: These processes and procedures will be leveraged within NAVMED, and combined with NAVMED-specific procedures, to create the NAVMED DoD M implementation strategy. The overall NAVMED process integrates policy and business rules from a variety of sources to establish a framework for identifying, preparing for, achieving, and documenting compliance with DoD M and SECNAV M

5 Identify IAWF IA Technical:
Privileged Access: Individuals who have access to system control, monitoring, or administration functions (e.g., system administrator, system programmer) are said to have “privileged access” and therefore, require training and certification to IA Technical levels I, II, or III depending on the functions they perform. Must also be trained and certified on the OS or CE they are required to maintain Some examples of jobs that hold privileged access or require personnel to perform IA functions include: Help Desk Customer Supervisor – Level II or III Help Desk Service Technician – Level I - III Data Manager – Level III System Administrator – Level II (NE) or III (Enclave) System Developer – Normally an IAM unless they have privileged access, Level II (NE) or III (Enclave)

6 Identify IAWF IA Technical (IAT):
Privileged Access: Individuals who have access to system control, monitoring, or administration functions (e.g., system administrator, system programmer) are said to have “privileged access” and therefore, require training and certification to IA Technical levels I, II, or III depending on the functions they perform. Must also be trained and certified on the OS or CE they are required to maintain Some examples of jobs that hold privileged access or require personnel to perform IA functions include (IAT Certification Flow Chart: Help Desk Customer Supervisor – IAT Level II or III Help Desk Service Technician – IAT Level I – II Data Manager – IAT Level III System Administrator – IAT Level II (NE) or III (Enclave) System Developer – Normally an IAM unless they have privileged access, Level II (NE) or III (Enclave)

7 Identify IAWF IA Manager (IAM): IAM Level III: IAM Level II:
Responsible for ensuring the information system (IS) is operated, used, maintained, and disposed of in accordance with security policies and Practices IAM Certification flow chart: IAM Level III: BUMED Enclave (CDR Richard Makarski- Director, BUMED M62) IAM Level II: Fulfilling duties at the network level, reports to IAM III IAM Level I: Fulfilling duties at the computing level, reports to the IAM II

8 Identify IA IAWF

9 Manage IAWF IAMs must have: IATs must have:
IAM Appointment Letter (Example: SECNAV M , Appendix C) DoD Workforce IA Special Code: Information Security (INFOSEC) DoD Workforce PQS/OJT: If 2210, IT Designated, or NEC this is automatic IA Certification Identified as INFOSEC on AMD Civilians: Identified as INFOSEC in DCPDS Civilians: Condition of employment clause on Position Description (Examples: SECNAV M , para ) Contractors: Identified as INFOSEC in CVS IATs must have: Privileged Access Agreement (Example: DoD M, Appendix 4) OS Certification

10 Track IAWF TWMS: Tracking/Management Responsibility: TWMS issues:
Navy Medicine Policy Memorandum , 17 December 2009, “Information Assurance (IA) Workforce Identification, Tracking, Monitoring, and Reporting” Tracking/Management Responsibility: Command IAM BUMED M65 TWMS issues: Personnel are registered in the database but are NOT identified as IAWF IAMs do not have appropriate permissions to update personnel as IAWF Personnel are being denied exam vouchers because they are not properly identified as IAWF in the database

11 Track IAWF BUMED IA Cert %: OS Cert %: NME NMW NCA NMSC According to TWMS: 481 members comprise the Navy Medicine IAWF* * (as of 31 December 2010)

12 Track IAWF Problems identified in TWMS Recommendations
Personnel are registered in the database but are NOT identified as IAWF IAMs do not have appropriate permissions to update personnel as IAWF Personnel are being denied exam vouchers because they are not properly identified as IAWF in the database Recommendations Site IAMs need to continue to pursue proper permissions for the TMWS database IAMs should check to ensure IAWF members are not only registered in the database but also properly identified as IAWF Personnel should check their own records to ensure that they are registered as IAWF

13 IAWF Development Holistic workforce development solution based on training (classroom and on-the-job), certification, maintenance, continuing education, etc.

14 Certification Process
Start Take DIAP-Sponsored Pre-Test for Appropriate Exam Review Self-Study Reference Guide with Training Coordinator Need Plan? No Take Basic IA Knowledge Assessment Yes Yes Pass? Pass? No Yes No Work with Manager to Select Self-Study Courses and Document Plan Take/Review Basic/Conceptual IA Training Courses Based on Self-Study Guide Take Certification Training* (or use Self-Study Methods) via NAVMED Voucher Request Exam Voucher Through NETWARCOM Process per Business Rules Report Success to Navy Medical Coordinator Who Logs Results in Appropriate Tool Yes Register and Take Exam via Proctored/Approved Site for Testing End Pass? No Engage in Additional Preparation (Courses or Study) Identify Knowledge Shortfalls with Training Coordinator or via Exam Feedback Components/processes under NAVMISSA control. Processes and procedures defined by Navy policy and guidance. Decision points

15 Certification Process
Efforts moving forward: Personnel who have received CISSP vouchers are required to test within 90 days of completing training Personnel will need to be contacted for exam results information Updates will need to be made in the TWMS database to reflect new certification information Personnel receiving Security+ certifications after Jan 2011 will be required to register their certification with CompTIA and must complete CPE credits to maintain their certifications Personnel who obtained the Security+ certification prior to Jan 2011 will also have requirements for keeping their certifications active More information regarding maintaining certification and requirements is coming soon

16 Resources Navy Credentialing Opportunities On-Line (COOL)
Defense Information Systems Agency IAWF Certification Resources Home Page Navy SKILLPORT training page

17 Resources COOL (Credentialing Opportunities On-Line) explains how Navy service members can meet civilian certification and license requirements related to their ratings, jobs, designators, and occupations. Use COOL to: Get background information about civilian licensure and certification. Identify licenses and certifications relevant to Navy ratings, jobs, designators, and occupations. Learn how to fill gaps between Navy training and experience and civilian credentialing requirements. Learn about resources available to Navy service members that can help them gain civilian job credentials.

18 Resources Training Voucher Program:
Command is responsible for travel costs and time, but in most cases the vendors will have training available at regional locations Regional courses will be scheduled if sufficient staff are available No staff should be attending certification training for certifications that do not match their role and/or experience level For example: No IAT I personnel should attempt CISSP unless highly-experienced (5 or more years is requirement) Those using Navy Medicine funds must agree to follow through with certification and will be tracked for results DON’s exam voucher program, administered by NETWARCOM, will provide certification test vouchers on-demand (72 hour turn-around) for all personnel who are properly identified in the TWMS database as IAWF Staff must pass NETWARCOM-specified exam pre-tests with an 80% score to receive a voucher per NETWARCOM’s policy

19 Resources Training Voucher Program (continued):
Training Program currently offers training and certification opportunities in two categories: Security+ Available for all IAWF personnel who fall into IAT Levels I and II or IAM Level I Training and testing is held on site by NAVMED selected vendor CISSP Available for all IAWF personnel who fall into IAT Level III and IAM Level II or III Personnel are required to locate a public training and testing session near their home site Other certification opportunities are available through NETWARCOM or other vendors but are not covered by NAVMED funds Personnel are free to pursue other certifications that meet DoD M compliance standards with personal funds, site provided funding, or other funding methods

20 Leading NAVMED through PortfolioManagement.
Contact Information Mr. James Perkins, Director IM/IT Workforce and Training (M65) or Mr. Christopher Taylor, Program Analyst or Ms. Natalie Salisbury, IM/IT Workforce Support or Ms. Rasheedah Sharp, IM/IT Workforce Support or 17-19 February 2011 Leading NAVMED through PortfolioManagement.

21 Leading NAVMED through PortfolioManagement.
Questions 17-19 February 2011 Leading NAVMED through PortfolioManagement. 21

Download ppt "Information Assurance Workforce (IAWF)"

Similar presentations

MONITORING OF SUBGRANTEES

MONITORING OF SUBGRANTEES
Medical Devices on the Network Presented by: CDR James Martin & CDR Richard Makarski 17-19 February 2011 Medical Devices on the Network.

Medical Devices on the Network Presented by: CDR James Martin & CDR Richard Makarski February 2011 Medical Devices on the Network.
DoD Information Assurance Certification

DoD Information Assurance Certification
Badger Exam 3-8 Roles and Responsibilities. Roles and Responsibilities A successful administration of the Badger Exam 3-8 is dependent upon school and.

Badger Exam 3-8 Roles and Responsibilities. Roles and Responsibilities A successful administration of the Badger Exam 3-8 is dependent upon school and.
External Quality Assessments

External Quality Assessments
IA Workforce Improvement Program

IA Workforce Improvement Program
IA CERTIFICATION TRAINING AND CONTINUING EDUCATION OPPORTUNITIES IN THE LOCAL AREA PRESENTER: DEBORAH J. SINCLAIR, Ph.D. Standard Technology, Incorporated.

IA CERTIFICATION TRAINING AND CONTINUING EDUCATION OPPORTUNITIES IN THE LOCAL AREA PRESENTER: DEBORAH J. SINCLAIR, Ph.D. Standard Technology, Incorporated.
Educational Activities Akinori Nishihara IEEE Region 10 EAC Chair.

Educational Activities Akinori Nishihara IEEE Region 10 EAC Chair.
Data Protection Recruitment Process

Data Protection Recruitment Process
Ann Murphy, Office of the Chief Administrative Officer NOAA Trusted Agent Training Silver Spring, MD October 2014 National Oceanic and Atmospheric Administration.

Ann Murphy, Office of the Chief Administrative Officer NOAA Trusted Agent Training Silver Spring, MD October 2014 National Oceanic and Atmospheric Administration.
Learning with a Purpose: Learning Management Systems Patti Holub, Director District Initiatives and Special Projects Miguel Guhlin, Director Instructional.

Learning with a Purpose: Learning Management Systems Patti Holub, Director District Initiatives and Special Projects Miguel Guhlin, Director Instructional.
KYOTE Training: The People 2014-15. Purposes of Presentation Describe the positions that school personnel must fill in order to conduct KYOTE testing.

KYOTE Training: The People Purposes of Presentation Describe the positions that school personnel must fill in order to conduct KYOTE testing.
Teacher Assistant Guidelines Student Services 2009.

Teacher Assistant Guidelines Student Services 2009.
Teachers directing the work of paraprofessionals

Teachers directing the work of paraprofessionals
Path to Successful Representation. Train and Assist Veteran Service Officers Policy Number: 3.01 Effective Date: 08/06/2008 Revised/Reviewed: 2/1/2012.

Path to Successful Representation. Train and Assist Veteran Service Officers Policy Number: 3.01 Effective Date: 08/06/2008 Revised/Reviewed: 2/1/2012.
Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire.

Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire.
How to Prevent Findings Part 2 Michigan State Police Emergency Management and Homeland Security Division Ms. Jackie Reese, Audit Unit Manager Mr. Richard.

How to Prevent Findings Part 2 Michigan State Police Emergency Management and Homeland Security Division Ms. Jackie Reese, Audit Unit Manager Mr. Richard.
Career Opportunities in Information Technology There are four main categories of IT jobs, grouped by the main focus of the job: Sales and support Software.

Career Opportunities in Information Technology There are four main categories of IT jobs, grouped by the main focus of the job: Sales and support Software.
Roles and Responsibilities

Roles and Responsibilities
ASA (FM&C) 1 Department of the Army Mass Transportation Benefit Program (MTBP) Outside the National Capital Region (NCR) Guidance for Program Points of.

ASA (FM&C) 1 Department of the Army Mass Transportation Benefit Program (MTBP) Outside the National Capital Region (NCR) Guidance for Program Points of.

Similar presentations

Ads by Google