Security University classes are certified by NSA

CNSS approves the

Qualified Information Security Professional Classes

Qualified Information Assurance Professional Classes

Qualified Software Security Professional Classes

8570 Training & Continuing Ed Training - C1.4.4.13. Ensure personnel performing IA functions on national security systems meet the Committee on National Security Systems training requirements. This is in addition to the requirements of this Manual. EC-Council CEH, ECSA, LPT, CHFI do NOT meet CNSS training requiremets. ONLY SECURITY UNIVERSITY Classes are approved.

The NSA's (IACE) Committee has certified Security University's classes CNSS-approved (Committee on National Security Systems) for 4011 and 4016.

Only Security University provides CNSS-approved Q/ISP, QSA/ QPTL, QSH, QEP, QFE, Q/WAD, Q/SSE, and CWNA, CWSP classes. Making the SU Qualified Credentials top of the list to satisfy the 8570 workforce training and continuing education C1.4.4.13 requirement.

The Information Assurance Courseware Evaluation (IACE) Program implements a process to systematically assess the degree to which the courseware from commercial, government, and academic sources maps to the national standards set by the Committee on National Security Systems (CNSS) .

The IACE Program is currently managed by the National Information Assurance Education and Training Program Office within the Information Assurance Directorate at NSA. The goal of the IACE Program is to expand the use of national standards in information assurance education and training throughout the nation. These standards were developed for the government, but have been kept unclassified to share with the greater IA community.

IACE information

What is"CNSS"?

The Information Assurance Courseware Evaluation (IACE) Program implements a process to systematically assess the degree to which the courseware from commercial, government, and academic sources maps to the national standards set by the Committee on National Security Systems (CNSS).

The IACE Program is currently managed by the National Information Assurance Education and Training Program Office within the Information Assurance Directorate at NSA. The goal of the IACE Program is to expand the use of national standards in information assurance education and training throughout the nation. These standards were developed for the government, but have been kept unclassified to share with the greater IA community.
 
The National Centers of Academic Excellence in Information Assurance Education Program is an outreach program designed and operated initially by the National Security Agency (NSA) in the spirit of Presidential Decision Directive 63, ( http://www.usdoj.gov/criminal/cybercrime/white_pr.htm ) National Policy on Critical Infrastructure Protection, May 1998. The program is now jointly sponsored by the NSA and the Department of Homeland Security (DHS) in support of the President's National Strategy to Secure Cyberspace, February 2003. The goal of the program is to reduce vulnerability in our national information infrastructure by promoting higher education in information assurance (IA), and producing a growing number of professionals with IA expertise in various disciplines. See http://www.nsa.gov/ia/academia/acade00001.cfm for details on the program, criteria, and process, as well as a list of the prestigious universities designated as National Centers of Academic Excellence in Information Assurance Education.

The Secretary of Defense and the Director of Central Intelligence are responsible for developing and overseeing the implementation of government-wide policies, principles, standards and guidelines for the security of systems with national security information.

Only Security University provides CNSS-approved CISSP, CWNA, CWSP, QSA/ QPTL, QSH, QFE, QEP, QSSE, courses. Making the SU Qualified Credentials top of the list of approved security credentials to satisfy the 8570 workforce training and continuing education C1.4.4.13 requirement.

Each of SU's instructors are CISSP's and cross-certified with security credentials such as QSH/CEH, QSA/ECSA and QFE/CHFI.

What is DoD 8570?

8570 provides guidance and procedures for the training, certification, and management of the DoD workforce conducting Information Assurance functions in assigned duty positions. It also provides guidance on reporting metrics.

What agencies are affected by 8570?

• Office of the Secretary of Defense
• Military Departments
• Chairman of the Joint Chiefs of Staff
• Combatant Commands
• Office of the Inspector General of the DoD
• Defense Agencies
• DoD Field Activities
• all other organizational entities in the DoD

Who is affected by 8570?

Any full- or part-time military service member, contractor, or local nationals with privileged access to a DoD information system performing information assurance (security)functions -- regardless of job or occupational series.

The manual, 8570.01M , specifies that the Department of Defense requires approximately 110,000 identified Information Assurance professionals to be certified within a five year time period. The Defense Information Assurance Program office has divided its Information Assurance workforce into six defined categories (see chart below). The manual also specifies the types of commercial information assurance credentials that qualify for each of the defined categories.

When is 8570 effective?

8570 is effective immediately and is mandatory for use by all the DoD Components.

Where can I find more information from the Department of Defense on the requirements?

Visit the DoD IASE website at: http://iase.disa.mil/eta/index.html#8570training (.mil or .gov only). If you cannot access the DoD website call the Defense Information Assurance Program Office at 703-604-1480x112 for additional information.

Where can I find the 8570 Manual?

• Click on this link: 8570.01M OR
  Copy and paste: http://www.dtic.mil/whs/directives/corres/html/857001m.htm

DoD Requirements

- Identify all positions performing information system management (IA Management) or privileged access (IA Technical) IA functions by category and level
- This applies to all positions with IA duties, whether performed as primary or additional/embedded duties (full or part-time)
- Train, certify, and obtain the proper security clearance for all personnel (IA Technical & IA Management) identified as part of the IA workforce to accomplish their IA duties

Certification Requirements

- Personnel identified as IA Technical Personnel (IATs) and part of the IA Workforce must obtain and maintain IA & Computing Environment professional certifications.
- Personnel identified as IA Management Personnel (IAMs) and part of the IA Workforce must obtain and maintain IA professional certifications.
- The certification requirements apply to DoD civilian employees, military personnel, local nationals, and support contractors performing IA functions either full or part-time

What are the DoD Approved Certifications?

Per Table AP3.T1, here are the "DoD Approved Baseline Certifications:"

IAT Level I	IAT Level II	IAT Level III
A+ Network+ SSCP	GSEC Security+ SCNP SSCP	CISA CISSP GSE SCNA
IAM Level I	IAM Level II	IAM Level III
GISF GSLC Security+	GSLC CISM CISSP	GSLC CISM CISSP

Which SU courses align with "DoD Approved Certifications"?

Top 

View Class Schedule