Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
If you’re an information systems security professional, it’s important to be familiar with the DoD 8570. The DoD’s digital and cybersecurity landscape is vast. Even current working IT professionals struggle to determine which trainings and certifications are needed for which DoD roles.
Only one certificate is needed at each level to become compliant, so we are here to help you understand, and select the right certification.
You need a cybersecurity certification that meets the U.S. Department of Defense (DoD) Directive 8570.1? Training Camp, the world’s largest for-certification boot camp training company, has been delivering budget-focused training solutions to government agencies for over 20 years.
We are proud to offer a wide range of courses aimed at getting our customers skilled, certified, and back to work fast.
View Courses
We can accommodate courses for as few as five to as many as thousands of team members spread across the globe.
Learn MoreDoD Directive 8570.01 provides the basis for an enterprise-wide solution to train, certify, and manage the DoD Information Assurance (IA) workforce. The policy requires Information Assurance technicians and managers to be trained and certified to a DoD baseline requirement. The Directive’s accompanying manual identifies the specific certifications mandated by the Directive’s enterprise-wide certification program.
Information Assurance Technical (IAT) and IA Management (IAM) personnel must be fully trained and certified to baseline requirements to perform their IA duties. DoD 8570.01-M defines IAT workforce members as anyone with privileged information system access performing IA functions. IAM personnel perform management functions for DoD operational systems described in the Manual.
The training, certification, and workforce management requirements of DoD 8570.01-M apply to all members of the DoD IA workforce including military, civilians, local nationals, Non-appropriated fund (NAF) personnel, and contractors. The requirements apply whether the duties are performed full-time, part-time, or as an embedded duty.
8140 has a more expanded set of roles defined, sub-categorizing things further to get specific about who needs what type of certification.
At the time of this writing, DoD Directive 8140 continues to use 8570.01-m to identify the requirements. DoD 8570.01-m is still in use and actively managed by the DoD
| IAT Level I | IAT Level II | IAT Level III |
| CAP CND Cloud+ Security+ HCISPP |
CAP CASP+ CISM CISSP CCISO HCISPP |
CISM CISSP CISA CCISO |
| IAM Level I | IAM Level II | IAM Level III |
| CAP CND Cloud+ Security+ HCISPP |
CAP CASP+ CISM CISSP CCISO HCISPP |
CISM CISSP CISA CCISO |
| IASAE I | IASAE II | IASAE III |
| CASP+ CISSP CSSLP |
CASP+ CISSP CSSLP |
CISSP-ISSAP CISSP-ISSEP CCSP |
| CSSP Analyst1 | CSSP Infrastructure Support1 | CSSP Incident Responder1 |
| CEH CCNA Cyber Ops CySA+ Cloud+ PenTest+ |
CEH CySA+ SSCP CHFI Cloud+ CND |
CEH CCNA Cyber OPS CHFI CySA+ PenTest+ |
| CSSP Auditor1 | CSSP Manager1 | |
| CEH CySA+ CISA PenTest+ |
CISM CISSP-ISSMP CCISO |
The above table provides a list of DoD approved IA baseline certifications aligned to each category and level of the IA Workforce. Personnel performing IA functions must obtain one of the certifications required for their position, category/specialty and level to fulfill the IA baseline certification requirement. Most IA levels within a category or specialty have more than one approved certification and a certification may apply to more than one level.
An individual needs to obtain only one of the “approved certifications”; for his or her IA category or specialty and level to meet the minimum requirement. For example, an individual in an IAT Level II position could obtain any one of the four certifications listed in the IAT Level II cell.
Higher level IAT and IAM certifications satisfy lower level requirements. Certifications listed in Level II or III cells can be used to qualify for Level I. However, Level I certifications cannot be used for Level II or III unless the certification is also listed in the Level II or III cell.
For example:
Get skilled, get certified. We offer a wide range of solutions trusted by thousands of organizations. Fill out a contact form and one of our Enterprise Solutions experts will contact you to discuss the best training solutions for your team. You can also e-mail our team directly at: [email protected]
