Presentation is loading. Please wait.

Presentation is loading. Please wait.

Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire.

Published byEmil Hutchinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire."— Presentation transcript:

1

2 Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire

3 Agenda What is it? What is it? Why Why Governance Governance What is available What is available Courses Available Courses Available Certification Certification How (unique requirements) How (unique requirements) DACUM Process DACUM Process Questions Questions

4 Just In Time Training What you need…when you need it.

5 Governance Computer Security Act of 1987/Public Law 100-235 Computer Security Act of 1987/Public Law 100-235 Mandatory periodic training of personnel who manage, use, or operate Federal computer systems Mandatory periodic training of personnel who manage, use, or operate Federal computer systems Committee on National Security Systems (CNSS) Issuances Committee on National Security Systems (CNSS) Issuances NSTISSD 500(ISS INFOSEC ATE), 501(National Training Program for ISSPs), 4011 (Training Standard for INFOSEC Profs), 4012 (National Training Standard for DAAs), 4013 (Std for Std for SysAdmins), 4014 (Std for ISSO) and 4015 (Std for Certifiers) NSTISSD 500(ISS INFOSEC ATE), 501(National Training Program for ISSPs), 4011 (Training Standard for INFOSEC Profs), 4012 (National Training Standard for DAAs), 4013 (Std for Std for SysAdmins), 4014 (Std for ISSO) and 4015 (Std for Certifiers)

6 Governance (continued) Information Assurance, DoD Dir 8500.1 Information Assurance, DoD Dir 8500.1 DoD shall train for the defense of computer network defense DoD shall train for the defense of computer network defense All personnel authorized access to DoD information systems shall be trained in accordance to DoD and Component policies and requirements and certified to perform IA responsibilities All personnel authorized access to DoD information systems shall be trained in accordance to DoD and Component policies and requirements and certified to perform IA responsibilities Develop and promulgate IA Policy related to training Develop and promulgate IA Policy related to training Develop and Provide IA training and awareness products Develop and Provide IA training and awareness products NSA shall develop, implement ad oversee an IA education, training and awareness program for users and administrators of DoD cryptologic SCI systems NSA shall develop, implement ad oversee an IA education, training and awareness program for users and administrators of DoD cryptologic SCI systems

7 Governance (continued) DoD Directive 8500.1 (continued) DoD Directive 8500.1 (continued) DoD Components shall ensure that IA awareness, training, education and professionalization for personnel developing, using, operating, administering, maintaining, and retiring DoD information systems DoD Components shall ensure that IA awareness, training, education and professionalization for personnel developing, using, operating, administering, maintaining, and retiring DoD information systems Supplanted DoD Directive 5200.28 Supplanted DoD Directive 5200.28 NSA - Train DoD Components in evaluation techniques NSA - Train DoD Components in evaluation techniques JCS – Educate & train at NDU JCS – Educate & train at NDU Establish training and awareness program for all DoD civilians, military and contractor personnel accessing civilians, military and contractor personnel accessing information systems information systems Training and awareness program shall be established Training and awareness program shall be established

8 Governance (continued) OMB Circular A-130 OMB Circular A-130 Information resources management means the planning, budgeting, organizing, directing, training, and administrative control associated with government information resources. Information resources management means the planning, budgeting, organizing, directing, training, and administrative control associated with government information resources. Provide training and guidance as appropriate to all agency officials and employees and contractors regarding their Federal records management responsibilities Provide training and guidance as appropriate to all agency officials and employees and contractors regarding their Federal records management responsibilities

9 Governance (continued) OMB Circular A-130 OMB Circular A-130 The agency knows a substantial portion of users have ready access to the necessary information technology and training to use electronic information dissemination products The agency knows a substantial portion of users have ready access to the necessary information technology and training to use electronic information dissemination products Develop and conduct training programs for Federal personnel on information resources management including end-user computing Develop and conduct training programs for Federal personnel on information resources management including end-user computing Establish personnel security policies and develop training programs for Federal personnel associated with the design, operation, or maintenance of information systems Establish personnel security policies and develop training programs for Federal personnel associated with the design, operation, or maintenance of information systems Privacy Act Training Privacy Act Training Agencies must plan for incorporating policies and procedures regarding regarding computer security, records management, protection of privacy, and other safeguards into the training of every employee and contractor. Agencies must plan for incorporating policies and procedures regarding regarding computer security, records management, protection of privacy, and other safeguards into the training of every employee and contractor.

10 Courses Operational Information Assurance Curriculum Operational Information Assurance Curriculum (U) INTRO TO COMPUTER SECURITY (web based) (U) INTRO TO COMPUTER SECURITY (web based) (U) OPERATIONAL INFORMATION ASSURANCE PART1 (web based) (U) OPERATIONAL INFORMATION ASSURANCE PART1 (web based) (U) OPERATIONAL INFORMATION ASSURANCE - PART II (ILT - offered monthly) (U) OPERATIONAL INFORMATION ASSURANCE - PART II (ILT - offered monthly) (U) COMPUTER SECURITY FOR SUPERVISORS (web based) (U) COMPUTER SECURITY FOR SUPERVISORS (web based) (U) NSA/CSS INFORMATION SYSTEMS CERTIFICATION AND ACCREDITATION PROCESS (NISCAP) (ILT – offered quarterly) (U) NSA/CSS INFORMATION SYSTEMS CERTIFICATION AND ACCREDITATION PROCESS (NISCAP) (ILT – offered quarterly)

11 Courses (Continued) Malicious Code (Under Development) Malicious Code (Under Development)

12 Required Training Introduction to Computer Security Introduction to Computer Security Computer Security for Managers Computer Security for Managers Operational Security Operational Security

13 Training Plan Awareness Initiatives Awareness Initiatives Presentations Presentations Posters and Trinkets Posters and Trinkets Training Initiatives Training Initiatives Courses/Curriculum Courses/Curriculum

14 What is available? Colleges and Universities Colleges and Universities Commercial Institutions Commercial Institutions Department of Defense Department of Defense Federal Institutions Federal Institutions

15 How – Unique Requirements Develop a Curriculum (DACUM) Process Develop a Curriculum (DACUM) Process Phase I Phase I Participants Participants Job Description or Focus Statement Job Description or Focus Statement Tasks, Knowledge and Skills Tasks, Knowledge and Skills Phase II Phase II Units of Instructions Units of Instructions Course Content Course Content

16 DoD Directive 8570 (DRAFT) Information Assurance Training, Certification and Work Management (Draft) Information Assurance Training, Certification and Work Management (Draft) Train and certify IA Workforce Train and certify IA Workforce

17 Questions ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?

Download ppt "Just In Time Training (JITT): How Not to Jump from the Frying Pan into the Fire."

Similar presentations

Assignment 4 Instructor: Dr E. Crowley Student: Victor Wong Date: 23 September, 2004.

Assignment 4 Instructor: Dr E. Crowley Student: Victor Wong Date: 23 September, 2004.
Common/shared responsibilities between jobs.

Common/shared responsibilities between jobs.
Privacy Impact Assessment Future Directions TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.

Privacy Impact Assessment Future Directions TRICARE Management Activity HEALTH AFFAIRS 2009 Data Protection Seminar TMA Privacy Office.
Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.

Management Internal Control Program Presented by: USU Manager's Internal Control Program Team Office of Accreditation and Organizational Assessment.
METRICS AND CONTROLS FOR DEFENSE IN DEPTH AN INFORMATION TECHNOLOGY SECURITY ASSESSMENT INITIATIVE.

METRICS AND CONTROLS FOR DEFENSE IN DEPTH AN INFORMATION TECHNOLOGY SECURITY ASSESSMENT INITIATIVE.
Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.

Effectively Integrating Information Technology (IT) Security into the Acquisition Process Section 4: Effective Integration.
Federal Concierge LLC All Rights Reserved www.federalconcierge.com FAC-P/PM– Compliance Discussion.

Federal Concierge LLC All Rights Reserved FAC-P/PM– Compliance Discussion.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Security and Personnel

Security and Personnel
The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.

The Office of Information Technology Information Security Administrator Kenneth Pierce, Vice Provost for IT and Chief Information Officer.
4/29/2009Michael J. Cohen1 Practical DIACAP Implementation CS526 Research Project by Michael J. Cohen 4/29/2009.

4/29/2009Michael J. Cohen1 Practical DIACAP Implementation CS526 Research Project by Michael J. Cohen 4/29/2009.
October 3, 20031 Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.

October 3, Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
Security Controls – What Works

Security Controls – What Works
NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.

NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.
Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.
Data Management Awareness January 23, 2008 1 University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.

Data Management Awareness January 23, University of Michigan Administrative Information Services Data Management Awareness Unit Liaisons January.
Information Systems Security Officer

Information Systems Security Officer
IA CERTIFICATION TRAINING AND CONTINUING EDUCATION OPPORTUNITIES IN THE LOCAL AREA PRESENTER: DEBORAH J. SINCLAIR, Ph.D. Standard Technology, Incorporated.

IA CERTIFICATION TRAINING AND CONTINUING EDUCATION OPPORTUNITIES IN THE LOCAL AREA PRESENTER: DEBORAH J. SINCLAIR, Ph.D. Standard Technology, Incorporated.
Supplier Ethics: Program Checklist

Supplier Ethics: Program Checklist

Similar presentations

Ads by Google