DOD Directive 8570

DoD Directive 8570.1, "Information Assurance Training, Certification, and Workforce Management" (August 15, 2004), and DoD Manual 8570.1-M, "Information Assurance Workforce Improvement Program" (April 2010), provide guidance and procedures for the training, certification and management of the DoD workforce conducting information assurance functions in assigned duty positions.

After the deadline imposed by DoD regulation, "personnel not certified within six months of assignment of IA duties or who fail to maintain their certified status will not be permitted to carry out the responsibilities." Furthermore, "personnel who are not appropriately certified within six months of assignment to a position or who fail to maintain their certification status must not be permitted privileged access." Personnel include DoD uniformed service members, civilian employees and support contractor personnel.

Directive 8570.1 stipulates the following:

• All authorized users of DoD information systems shall receive an initial information assurance (IA) awareness orientation as a condition of access and thereafter must complete annual IA awareness refreshers.
• Privileged users and IA managers shall be fully qualified, trained and certified to DoD baseline requirements to perform their IA duties.
• Personnel performing IA privileged user or management functions, regardless of job series or military specialty, shall be appropriately identified in the DoD Component personnel databases.
• All IA personnel shall be identified, tracked and managed so that IA positions are staffed with personnel trained and certified by category, level and function.
• All positions involved in the performance of IA functions shall be identified in appropriate manpower databases by category and level.
• The status of the DoD Component IA certification and training shall be monitored and reported as an element of mission readiness and as a management review item.