Defense sets requirements for information assurance personnel

The Defense Department has issued a new manual that lays out procedures for training, certifying and managing employees responsible for information assurance within the department.

In the foreword John Grimes, DOD CIO and assistant secretary for networks and information integration, said the manual 'is effective immediately and is mandatory for use' by all elements of the Defense Department.

The manual follows up on a directive issued in August 2004 by deputy secretary Paul Wolfowitz that established DOD policy and assigned responsibilities for information assurance training.

This is the first time the Pentagon has formalized and standardized the levels and types of training required for IA professionals throughout the department, said Alan Paller, director of research for the SANS Institute.

Until now, the individual services and Defense agencies were responsible for defining their own professional requirements for IA employees, a process that was less than thorough, he said.

Among the oversight responsibilities given to IA personnel are identifying information assurance requirements as part of the IT acquisition development process; maintaining configuration control of hardware, applications and systems; and installing and administering user identification or authentication mechanisms.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected