How DOD's certification program works

Directive 8570 requires all personnel be qualified for their job

Defense Department Directive 8570 requires military, civilian and contract personnel who handle information assurance for department systems to have certifications appropriate for the job they perform. DOD published a manual describing various job categories, including technical and management positions, and the different certifications that meet the training requirement. DOD foots the bill for any training and certification required for its employees.

Here are examples of some job types and commercial certifications approved by DOD. Cost information does not always reflect government volume discounts.

Job category: Information Assurance Technical Level I (there are three IAT levels)
Example certification: A+
Provider: CompTIA
Training time and cost: One provider offers a five-day course for $1,800. Exam costs $132 for CompTIA members and $168 for nonmembers. No minimum work experience or education is required, but six months of job experience is recommended.

Job category: Information Assurance Management Level III (there are three IAM levels)
Example certification: GIAC Security Leadership Certification
Provider: Global Information Assurance Certification, affiliated with SANS Institute
Training time and cost: The SANS Institute offers an annual nine-day training conference for $5,250. The exam costs $899, or $499 if you take the SANS seminar. You must renew certification every four years for $325. No work experience or education is required to take the test.

Job category: Incident Responder
Example certification: CERT-Certified Computer Security Incident Handler
Provider: Carnegie Mellon Software Engineering Institute
Training time and cost: The Software Engineering Institute and its licensees offer a three-course training sequence. Each course lasts five days. Course costs vary. Exam is $200. You must have at least three years of experience in incident handling in a technical and/or management role within seven years of submission of your application.

Job category: Computer Network Defense Auditor
Example certification: Certified Information Systems Auditor
Provider: Information Systems Audit and Control Association
Training time and cost: One local ISACA chapter offers a training course of 2.5-hour weekly sessions for 14 weeks. The course cost is $300 for members and $325 for nonmembers, plus course and study materials. Other organizations also offer courses. The exam costs $400 for DOD employees. You must have five years of work experience in the fields of information systems auditing, control, assurance or security within 10 years of applying.

Job category: Information Assurance System Architect and Engineer Specialty I (there are three IASAE levels)
Example certification: Certified Information Systems Security Professional
Provider: (ISC)2
Training time and cost: (ISC)2 offers a five-day seminar for $2,695. Exam is $449. Five cumulative years of relevant experience are required.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Reader Comments

Wed, Jul 1, 2009 Bill Florida

The exam cost for CISSP just went up - better check your information.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close
SEARCH
contracts DB

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Read More

  • Is SBA MIA on contractor fraud? Nick Wakeman

    Editor Nick Wakeman explores the puzzle of why SBA has been so silent on the latest contractor fraud scandal when it has been so quick to act in other cases. Read More

Webcasts

  • How Do You Support the Project Lifecycle?

    How do best-in-class project-based companies create and actively mature successful organizations? They find the right mix of people, processes and tools that enable them to effectively manage the project lifecycle. REGISTER for this webinar to hear how properly managing the cycle of capture, bid, accounting, execution, IPM and analysis will allow you to better manage your programs to stay on scope, schedule and budget. Learn More!

  • Sequestration, LPTA and the Top 100

    Join Washington Technology’s Editor-in-Chief Nick Wakeman as he analyzes the annual Top 100 list and reveals critical insights into how market trends have impacted its composition. You'll learn what movements of individual companies means and how the market overall is being impacted by the current budget environment, how the Top 100 rankings reflect the major trends in the market today and how the biggest companies in the market are adapting to today’s competitive environment. Learn More!