What is DoDD 8140 (DoDD 8570)?
Department of Defense Directive 8570 has been replaced by the DoD CIO as DoDD 8140; DoDD 8570 is now a part of a larger initiative that falls under the guidelines of DoDD 8140. DoDD 8140 provides guidance and procedures for the training, certification, and management of all government employees who conduct Information Assurance functions in assigned duty positions. These individuals are required to carry an approved certification for their particular job classification. GIAC certifications are among those required for Technical, Management, CND, and IASAE classifications.
Who is Affected by DoDD 8140 (DoDD 8570)?
Any full or part-time military service member, contractor, or local nationals with privileged access to a DoD information system performing information assurance (security) functions -- regardless of job or occupational series.
- Office of the Secretary of Defense
- Military Departments
- Chairman of the Joint Chiefs of Staff
- Combatant Commands
- Office of the Inspector General of the DoD
- Defense Agencies
- DoD Field Activities
- All other organizational entities in the DoD
DoDD 8140 (DoDD 8570)Requires:
- All personnel performing IAT and IAM functions must be certified.
- All personnel performing CND-SP and IASAE roles must be certified.
- All IA jobs will be categorized as 'Technical' or 'Management' Level I, II, or III, and to be qualified for those jobs, you must be certified.
For More Information About DoDD 8140 (DoDD 8570):
- The DoD8140 Information Assurance Workforce Improvement Program Office at http://iase.disa.mil/iawip/Pages/index.aspx
- Call the Defense Information Assurance Program (DIAP) Office at 1-800-490-1643
- Contact email@example.com or call Customer Support at 301-654-7267.
GIAC Certifications Approved for DoD 8140 (DoDD 8570) Baseline Information Assurance
|TECH I||TECH II||TECH III|
|MGT I||MGT II||MGT III|
|Computer Environment (CE)|
Training offered by SANS pertains to best practices so rubber hits the road" - Michael Emmons, USMC
SANS Courses Aligning with GIAC 8140 (DoDD 8570) Certifications
|TECHNICAL LEVEL||GIAC CERTIFICATION and COORDINATING SANS COURSE|
|IAT Level II||GSEC: GIAC Security Essentials Certification: SEC401: SANS Security Essentials Bootcamp Style|
|IAT Level III||GCIH: GIAC Certified Incident Handler: SEC504: Hacker Techniques, Exploits & Incident Handling
GCED: GIAC Certified Enterprise Defender: SEC501: Advanced Security Essentials - Enterprise Defender
|MANAGEMENT LEVEL||GIAC CERTIFICATION and COORDINATING SANS COURSE|
|IAM Level I||GSLC: GIAC Security Leadership Certification: MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression|
|IAM Level II||GSLC: GIAC Security Leadership Certification: MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression|
|IAM Level III||GSLC: GIAC Security Leadership Certification: MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression|
|Computer Environment (CE)||GIAC CERTIFICATION and COORDINATING SANS COURSE|
|--||GCWN: GIAC Certified Windows Security Administrator: SEC505: Securing Windows with PowerShell and the Critical Security Controls|
|--||GCUX: GIAC Certified UNIX Security Administrator: SEC506: Securing Linux/Unix|
|CND Level||GIAC CERTIFICATION and COORDINATING SANS COURSE|
|CNDSP||GCIA: GIAC Certified Intrusion Analyst: SEC503: Intrusion Detection In-Depth GCIH: GIAC Certified Incident Handler: SEC504: Hacker Techniques, Exploits and Incident Handling|
|CNDSP Incident Responder||GCIH: GIAC Certified Incident Handler: SEC504: Hacker Techniques, Exploits and Incident Handling
GCFA: GIAC Certified Forensic Analyst: FOR508: Advanced Computer Forensic Analysis and Incident Response
|CND Auditor||GSNA: GIAC Systems and Network Auditor: AUD507: Auditing Networks, Perimeters, and Systems|
Additional SANS Courses Under DOD 8140
MGT414: SANS +S Training Program for the CISSP Certification
CISSP - IAT Level III, IAM Level II, III
Over the past 4 years, 98% of all respondents, who studied our SANS® +S™ Training Program for the CISSP® Certification Exam and then took the exam passed; compared to a national average of around 70% for other prep courses.
CISSP® exams are not hosted by SANS. You will need to make separate arrangements to take the CISSP® exam.
DoD Approved 8140 (DoDD 8570) Baseline Certifications
|IAT Level I||IAT Level II||IAT Level III|
CISSP (or Associate)
|IAM Level I||IAM Level II||IAM Level III|
CISSP (or Associate)
CISSP (or Associate)
|CNDSP Analyst||CNDSP Infrastructure SUpport||CNDSP Incident Responder||CNDSP Auditor||CNDSP Manager|
DoDD 8140 - The Future of DoDD 8570
DoDD 8570 became part of DoDD 8140. However, DoD personnel will be required to meet the requirements of DoDD 8570 until the DoDD 8140 manuals are developed and approved. More details on what will be changing, as part of DoDD 8140, will be posted as it becomes available. Sections of DoDD 8140 will be based on the NICE Initiative at http://csrc.nist.gov/nice/index.htm.
"As our C4 systems become netcentric and more linked with our weapons systems, it is essential that our IA workforce be up to the task of securing our networks. I am proud to be on the cyber defense line with such a competent industry partner that understands the needs of the defense department and is willing to work with us to help accomplish this difficult task." - Mike Knight, Naval NetWar Command
Why is SANS the Best source for Information Security Training?
Security Thought Leadership
SANS is the leading organization in computer security training. SANS provides intensive, immersion training designed to help you and your staff master the practical steps necessary for defending systems and networks against the most dangerous threats — the ones being actively exploited. The courses are full of important and immediately useful techniques that students can put to work as soon as they return to their offices through courses that are updated multiple times throughout the year. SANS courses were developed through a consensus process involving hundreds of administrators, security managers, and information security professionals. Our courses address both security fundamentals and the in-depth technical aspects of the most crucial areas of information security.
Best Security Instructors
SANS courses are taught in a classroom setting and by "SANS Certified Instructors." The selection, training and certification process to become a SANS faculty is time tested. Last year more than 90 people tried out for the SANS faculty, but only five new people were selected.
Significant Community Contributor
SANS develops, maintains, and makes available at no cost the largest collection of research documents about various aspects of information security. Additionally, SANS operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community. All this research and development activity helps to assure that SANS delivers the latest and greatest courseware, and produces the best instructors, available in market today.
SANS training courses provides a solid foundation for the Global Information Assurance Certification (GIAC) which has over 47,000 security professionals who have already proven their skills and knowledge to meet our challenging standards. GIAC is unique in the field of information security certifications because it not only tests a candidate's knowledge but also the candidate's ability to put that knowledge into practice in the real world.
Contract Payment Options and Vehicles
SANS accepts Government Purchase Cards, Credit Cards, Purchase Orders and Checks. We can also help you to purchase through SANS GSA Schedule or other contract vehicles.
For more information, please contact firstname.lastname@example.org.
SANS Voucher Credits
SANS Voucher Credits are a great solution for flexibility, cost savings and value. It is perfect when you know that you will have a variety of IT Security training needs in the next 12 months, but have not decided who gets to go, what delivery format to use, or when to go. Voucher Credits are also perfect when you have discretionary training funds to spend for long-term professional development.
"As part of the Raytheon IIS Information Security Engineering group, we send nearly all of our new hires through the SANS Security Essentials Bootcamp training classes to ensure they have the fundamental skills necessary to work in our environment. We view GIAC certifications as an essential part of this process. GIAC Certification helps ensure both our management and our customers that our employees understand how to build secure systems." - Monty McDougal, Raytheon