• Home
  • Military Discounts
    • Military & Veteran Discount List
    • Local Military and Veterans Discounts
    • Apple Military Discount
    • Veteran & Military Cell Phone Discounts
    • Gym and Health Club Discounts
  • Benefits
    • 10 Veterans Benefits You May Not Know About
    • Top Military Spouse Benefits
    • Medal of Honor: Benefits, History and Facts
    • Purple Heart Benefits
    • Veterans Health A to Z
  • Housing & Home Ownership
    • VA Loan Calculator
    • VA Loan Limits by County
    • VA Home Loan Guide
    • 5 Benefits of a VA Loan
    • 2022 BAH Rates
    • BAH Calculator
  • Money & Finance
    • 2022 Military Pay Charts
    • 2022 Defense Budget
    • 2022 Military Pay
    • 2022 Military Pay Charts
    • COLA Watch 2022-2023
    • Military Pay Calculator
    • Military Pay Dates
    • VA Disability Rates
  • Jobs
    • Veteran Friendly Employers
    • Military Spouse Employment Preference
    • Veterans Employment and Training Service (VETS)
    • Security Clearance Jobs After the Military
  • Education
    • Veteran Friendly Colleges
    • Online Colleges with Military Discounts
    • Veteran Friendly Colleges Guide
    • Military Spouse Career Advancement Accounts (MyCAA)
    • Monthly Housing Allowance (MHA) for the GI Bill
    • Forever GI Bill
  • Resources
    • How to Get a Veterans ID Card
    • Veterans ID on Driver’s License or ID Card by State
    • Military ID Cards
    • Military Calendar
    • State Veteran’s Benefits
Home » DoD Directive 8140: IT Training & Certification Requirements

DoD Directive 8140: IT Training & Certification Requirements

by MilitaryBenefits

Anyone trying to get a foot in the door of the IT world as it pertains to the defense industry will want to ensure they meet or exceed DoD standards as previously set by DoDD 8570, now governed by DoDD 8140. DoDD 8140 provides guidance and procedures for the training, certification, and management of all government employees within cyberspace workforce positions.

Department of Defense Directive 8570 (DoDD 8570) was an official federal government policy covering requirements for training and certifying those with access to certain information assurance functions of the Department of Defense.

This DoD policy was replaced in 2015 by DoDD 8140, which is the official policy today and supersedes the prior DoDD 8570 (see below). DoDD 8570 codified the policies and duties of DoD information assurance operations, detailed training and certification requirements and related issues.

A Brief History Of DoD 8570

DoD Directive 8140
Photo by Rick Naystatt

Before 2005, there were no requirements or provisions for certification training to do information assurance work for the federal government. In 2005, DoDD 8570 was established to give specific guidance and requirements for these workers.

DoDD 8570 made important changes in the way system administrators, technicians, and security managers did their jobs and met their training requirements.


Streamlining Standard Requirements

DoDD 8570 caught on in the federal workplace, becoming more popular and widely used until there was a need to break down requirements into a variety of categories or contexts. Those categories include:

  • Information Assurance Technician
  • Information Assurance Manager
  • Computer Network Defense
  • Information Assurance System Architecture and Engineering
  • Computing Environment

Thanks to 8570, workers in these areas could be assigned specific certification requirements and some fell across more than one single category.


DoDD 8140 Replaces 8570

Ten years later, a replacement (which ultimately became DoDD 8140) was desperately needed; much of the original technology and/or software had been supplemented, upgraded, or replaced by newer, more efficient systems with their own sets of vulnerabilities.

Work began to update DoDD 8570 in 2012, with the required tasks doubling as a result.

It was clear that a more comprehensive policy would be needed and in 2015 DoDD 8140 was rolled out to replace the older DoDD 8570.

The alphabet soup-style letter and number combinations may be a bit confusing, but the new policy outlined by DoDD 8140 would provide much more clear and relevant-to-current-systems-and-threats policies.

Ultimately, DoDD 8570 was incorporated into DoDD 8140 with expanded features, but until the new requirements could be fully implemented, compliance with the original standard was still necessary.

There were interim fixes including a document known as DoD 8570.01-M which was billed as something that would “remain in effect until it is canceled formally” according to the DoD Cyber Exchange official site, public version. In the end, DoD Directive 8570 was replaced by the newer updated DoDD 8140.

8140 Updates Standard Requirements

DoD 8140 is known today as the Information Assurance Workforce Improvement Program and many sources cite the directive’s most common 8140-compliant IT and security certification as including A+, Network+, Security+, CEH, and CISSP.

8140 was designed based on something known as the National Institute of Standard and Technology and National Initiative for Cybersecurity Education standard. 8140 requirements are listed under categories including:

  • Security Provision–may include jobs such as architecture and engineering. As well as operations that include information assurance compliance, software, and security engineering, system development, research, etc.
  • Operate/Maintain–this may include customer service, tech support, data administration, knowledge management, network service, and security analysis.
  • Protect/Defend–involving defense against cyberattacks, defense analysis, incident reporting, vulnerability assessment, and related areas.
  • Analyze–pertaining to different types of network analysis, resource intelligence, exploitation analysis, threat analysis, etc.
  • Operate/Collect–defined as applicable to cyber operations and planning, collection operations, planning and implementation.
  • Oversight and Development–pertaining to the legal consequences of conducting operations in the digital realm, with emphasis on planning, education, and awareness-raising.
  • Investigate–relevant to investigations and forensics work as it relates to online security or related issues.

Who Must Comply with DoD 8140?

Regardless of who (contractors, active duty, interns, civilian employees, etc.) is associated with work involving Defense Department information systems or how they are associated, DoD requirements under DoDD 8140 must be met. The following groups are just some of who may be required to be DoDD 8140-compliant:

  • Office of the Secretary of Defense
  • Military Departments
  • Chairman of the Joint Chiefs of Staff
  • Combatant Commands
  • Office of the Inspector General of the DoD
  • Defense Agencies
  • DoD Field Activities
  • Anyone performing IAT and IAM functions must be certified
  • Anyone in CSSP and IASAE roles must be certified
  • All IA jobs require certification whether categorized as ‘Technical’ or ‘Management’ Level I, II, or III positions

How To Identify Information Assurance Positions That May Require IA Training

In the context of identifying who must become 8140 compliant, the best way to proceed is to review the job position and job description of those jobs.

Anyone performing Information Assurance functions may be required to be compliant, no matter if they are active duty, Guard, Reserve, civilian, Civil Service worker, or contractor.

According to the Department of Defense, “Any person” filling such jobs are considered “automatically part of the Cyber or IA Workforce” regardless of the hours filled in that capacity as a part-time, full-time, embedded, or other types of duty.

At the time of this writing, those seeking certification may be required to become familiar with one or both versions of the DoD compliance manual; IA Technical (IAT), and IA Management (IAM). Additionally, there are a pair of specialties at the time of this writing: Cyber Security Service Provider (CSSP) and IA System Architects and Engineers (IASAEs).

Learn More About DoD 8140

You can view the official site of the DoD 8140 Information Assurance Workforce Improvement Program Office or Call the Defense Information Assurance Program (DIAP) Office at 1-800-490-1643.


About The Author

Joe Wallace is a 13-year veteran of the United States Air Force and a former reporter for Air Force Television News.


Related Articles
Tech Programs to Boost Your Skills Education Resources
VET TEC Career Certificate Schools 
GI Bill Eligible Coding Bootcamps Coding Bootcamp or Computer Science Degree

Filed Under: Education

Comments

Military + Veteran Discounts

Want 30+ Mil/Vet discounts to use today? Enter your email for updates and we'll send it!
Name(Required)

VA Home Loans

Popular Articles

2022 VA Disability Rates

2022 Military Pay

Military Pay Calculator

VA Loan Calculator

2022 BAH Rates

Search Veteran.com

Military Benefits Logo

Company

  • About
  • Contact Us
  • Add a Discount
  • Privacy Policy
  • Terms of Use
  • Disclosure
  • Unsubscribe

Quick Links

  • Home
  • Military Discounts
  • Benefits
  • Housing & Ownership
  • Money & Finance
  • Employment
  • Education
  • Resources

Connect With Us

  • facebook
  • instagram
  • pinterest
  • twitter
  • youtube
Copyright © 2022 Three Creeks Media, LLC

Veteran.com is a property of Three Creeks Media. Neither Veteran.com nor Three Creeks Media are associated with or endorsed by the U.S. Departments of Defense or Veterans Affairs. The content on Veteran.com is produced by Three Creeks Media, its partners, affiliates and contractors, any opinions or statements on Veteran.com should not be attributed to the Dept. of Veterans Affairs , the Dept. of Defense or any governmental entity. If you have questions about Veteran programs offered through or by the Dept. of Veterans Affairs, please visit their website at va.gov. The content offered on Veteran.com is for general informational purposes only and may not be relevant to any consumer’s specific situation, this content should not be construed as legal or financial advice. If you have questions of a specific nature consider consulting a financial professional, accountant or attorney to discuss. References to third-party products, rates and offers may change without notice.

Advertising Notice: Veteran.com and Three Creeks Media, its parent and affiliate companies, may receive compensation through advertising placements on Veteran.com; For any rankings or lists on this site, Veteran.com may receive compensation from the companies being ranked and this compensation may affect how, where and in what order products and companies appear in the rankings and lists. If a ranking or list has a company noted to be a “partner” the indicated company is a corporate affiliate of Veteran.com. No tables, rankings or lists are fully comprehensive and do not include all companies or available products.

Editorial Disclosure: Editorial content on Veteran.com may include opinions. Any opinions are those of the author alone, and not those of an advertiser to the site nor of Veteran.com.