dod information assurance awareness training

By /

Conduct DoD Information Assurance Awareness Training: http://iase.disa.mil/eta/cyberchallenge/launchPage.htm

DoD Information assurance awareness training is an interpretation of the federal law, Federal Information Security Management Act (FISMA).  As each unity, agency and branch of the DoD takes on the responsibility of FISMA compliance, they sometimes come up with their own flavor of DoD information assurance awareness.

DoD Information Assurance Awareness is a requirement in accordance with the FISMA of 2002:

“security awareness training to inform personnel, including contractors and other users of information systems that support the operations and assets of the agency, of— ‘‘(A) information security risks associated with their activities; and ‘‘(B) their responsibilities in complying with agency policies and procedures designed to reduce these risks”

FISMA 2012

FISMA 2012 expands the scope if DoD information assurance awareness training and the department of homeland security with a The National Initiative for Cybersecurity Education (NICE).  NICE also includes National Initiative for Cybersecurity Careers and Studies (NICCS) portal25, an online resource for cybersecurity awareness, education, training, and career information open to the public.

“The vision of NICCS portal is to provide a national resource to
elevate cybersecurity awareness and affect the change in the American public; to adopt a culture of cyberspace security and to build a competent cybersecurity workforce. “

DOD Information Assurance Awareness & Security Training
According to FISMA, all Government personnel and contractors must complete annual security awareness training.

DoD 8570/DoD 8140 are directives that spawned as a result of FISMA also requirements to have specialized training for personnel and contractors with significant security responsibilities.

Progress of DoD Information Assurance Awareness Training is tracked and taken VERY seriously.  So much so that if you don’t complete the annual training, you can lose your ability to access systems.

DoD Information Assurance Awareness Training Security Controls

Information Assurance awareness is addressed as an actual security control in NIST SP 800-53 as AT – Awareness & Training and the NIST SP 800-50 is for Building an Information Technology Security Awareness and Training Program.

Awareness and Training
AT-1 Security Awareness and Training Policy and Procedures
AT-2 Security Awareness
AT-3 Security Training
AT-4 Security Training Records
AT-5 Contacts with Security Groups and Associations

 

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top