The U.S. Department of Defense (DoD) directive 8570, which is titled “Information Assurance Workforce Improvement Program,” outlines the expectations for training, certification, and management of the DoD workforce who perform Information Assurance (IA) duties. The directive is specific to individuals or agencies who implement, manage and maintain DoD IT systems.
Persons who come under the directive include contractors, consultants, part-time or full-time military personnel, and civilian employees who perform management and technical information assurance roles and functions. Personnel that are affected by DoD 8570 have to be trained according to the directive and certified. The certification requirements of the various functions demonstrate the ability of the individual to perform that specific duty. The types of roles that DoD 8570 defines are those responsible for the protection of vital information that is in the nation’s interests.
NOTE: DoD 8570 will eventually be replaced by DoD 8140. However, at the time of writing the manual for DoD 8140 is yet to be published. Creation of manuals for DoD directives often take several years, and until such a time as the directive is documented, DoD 8570 will remain the key directive for the Information Assurance workforce at the DoD.
What is the DoD IAM?
The DoD is a highly structured organization with a distinct hierarchy. The overarching structure is called the “Information Assurance Workforce, Workforce Improvement Program” (IA WIP). Within this workforce umbrella are two separate categories called Information Assurance Technical (IAT) and Information Assurance Management (IAM).
What are the DoD IAM Levels?
Within the IAM category are three levels, each having its own sub-levels:
- Level 1: Computing environment information assurance
- Level 2: Network environment information assurance
- Level 3: Enclave information assurance
The category levels reflect the system architecture and not the grade of the individual (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/w-jzNTLFrI4/