SBN

How to Achieve DoD 8570 IAT Level I Compliance

A part of the larger Department of Defense (DoD) Directive to provide guidance and procedures for the training, certification, and management of all government employees working in the DoD’s technical environment, the DoD IAT Level I policy governs the Information Assurance Training (IAT) expected of individuals in specific security positions. Created to be inclusive of both military, contractor, and civilian employees with access to DoD systems and performing information assurance functions, the DoD 8570 directive includes three levels that are cumulative in function. In other words, working at IAT Level II or Level III positions requires mastery of the functions of the preceding levels.

Compliance with DoD IAT Level I can be met by successfully obtaining one of four certifications aligned to the IAT Level I model approved by the DoD. The directive does not outline how an individual must train for the certifications or what specific experience is needed outside of that provided by the body governing the certification itself, including any continuing education required to maintain an active status.

DoD employees and contractors performing IA functions must achieve Level I compliance within 6 months of their assignment to an IA duty unless a waiver is granted. Those unable to meet or maintain DoD IAT Level I compliance standards should lose their privileged access to DoD systems until they can do so.

The professionals are serving in DoD IAT Level I positions work to make the computing environment less vulnerable by correcting system flaws and implementing basic security controls. Individuals working in positions that fall within Level I normally have 0 to 5 years of experience in information assurance and can apply basic knowledge of security concepts and practices in a computer environment. Staff in these roles work under the supervision of a manager with actions having to be (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Patrick Mallory. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/ti10jG3ge8U/