Home 0P3N Blog What is DoD 8140?
Ready to Start Your Career?
Create Free Account
By: Jenna Crawford
May 21, 2020

What is DoD 8140?

By: Jenna Crawford
May 21, 2020
By: Jenna Crawford
May 21, 2020

The Department of Defense Directive 8140 (DoD 8140), also known as the Information Assurance Workforce Improvement Program or Cybersecurity Workforce Improvement Program, was designed based on the National Institute of Standards and Technology (NIST) National Initiative for Cybersecurity Education (NICE) framework. This directive is an update and expansion of the previous DoD Directive 8570. DoD 8140 outlines the necessary training and certifications required for government employees to perform different levels of Information Assurance (IA) job functions. DoD 8140 also outlines the responsibilities of managing the workforce requirements for the applicable agencies.

Maintaining a qualified cyberspace workforce is a priority for the DoD. One of the primary purposes of the DoD 8140 directive is to unify the cyberspace workforce to ensure alignment and standardization across cyberspace work roles and qualifications across the DoD. The directive ensures that anyone working with DoD information systems has the minimum baseline certification(s) to perform their job function competently.

What are the different DoD 8140 IA categories?

  • Information Assurance Technical (IAT)

    • IAT Level I
    • IAT Level II
  • Information Assurance Management (IAM)

    • IAM Level I
    • IAM Level III
  • Information Assurance System Architects and Engineers (IASAE)

    • IASAE I
    • IASAE II
    • IASAE III
  • Cyber Security Service Providers (CSSP)

    • CSSP Infrastructure Support
    • CSSP Incident Responder
    • CSSP Auditor
    • CSSP Manager

 
Start the "CompTIA Network+" Certification Course >>

 

Who does DoD 8140 apply to?

DoD 8140 applies to anyone working part or full time with DoD information systems including contractors, civilians, military, and interns whose positions fall into the following categories:

  • All personnel performing IAT and IAM functions
  • All personnel performing CSSP and IASAE roles
  • Personnel categorized as ‘Technical’ or ‘Management’ level I, II, or III

DoD 8140 applies explicitly to personnel in the following organizations:

  • Office of the Secretary of Defense (OSD)
  • Military Departments
  • Office of the Chairman of the Joints Chiefs of Staff (CJCS)
  • Joint Staff
  • Combatant Commands
  • Office of the Inspector General of the Department of Defense (IG DoD)
  • Defense Agencies
  • DoD Field Activities
  • DoD Components
  • United States Coast Guard

If your job function falls into a category that requires DoD 8140 certification, you will be required to obtain certification within six months to be compliant with this directive.

How do I obtain DoD 8140 Certification?

If DoD 8140 certification is required for your position, your Information Assurance Manager should be able to help you get started with the certification process. You first need to identify the IA category and level of certification required for your position, then figure out which certification you would like to obtain. After you have successfully passed your certification, simply provide your IA Manager with your certification information.

The chart below gives you an idea of the baseline certifications for each of the categories. You only need to obtain one certification within the category level for your current IA position, but there are several options to choose from in each of the categories.

Approved Baseline Certifications

IAT Level I IAT Level II IAT Level III
A+ CE
CCNA-Security
CND
Network+ CE
SSCP
CCNA-Security
CySA+
GICSP
GSEC
Security+ CE
CND
SSCP
CASP+ CE
CCNP Security
CISA
CISSP (or Associate)
GCED
GCIH
IAM Level I IAM Level II IAM Level III
CAP
CND
Cloud+
GSLC
Security+ CE
CAP
CASP+ CE
CISM
CISSP (or Associate)
GSLC
CCISO
CISM
CISSP (or Associate)
GSLC
CCISO
IASAE I IASAE II IASAE III
CASP+ CE
CISSP (or Associate)
CSSLP
CASP+ CE
CISSP (or Associate)
CSSLP
CISSP-ISSAP
CISSP-ISSEP
CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder
CEH
CFR
CCNA Cyber Ops
CCNA-Security
CySA+
GCIA
GCIH
GICSP
Cloud+
SCYBER
CEH
CySA+
GICSP
SSCP
CHFI
CFR
Cloud+
CND
CEH
CFR
CCNA Cyber Ops
CCNA-Security
CHFI
CySA+
GCFA
GCIH
SCYBER
CSSP Auditor CCSP Manager
CEH
CySA+
CISA
GSNA
CFR
CISM
CISSP-ISSMP
CCISO

 

How should I choose which certification to get?

If you are not sure which certification is right for you, do some research on the options available in the IA category that your position falls into, and make an educated decision. There are different certification options available from various certification providers, and the exams can vary in format and structure. If you already have a lower level certification from one vendor, you may want to take one of the higher-level certification exams from that same vendor because it would renew your lower-level certification while ensuring your compliance with DoD 8140. Obtaining a certification can be a great way to learn new skills and advance in your career, so I would recommend choosing a certification that aligns with your interests and career goals. Ultimately, you get to decide which certification to take, so choose wisely and have fun with it!


*__Cybrary helps organizations close the cybersecurity skills gap and build a workforce capable of tackling the challenges of today, and tomorrow. [Request your demo](http://fastfix.my?exam=business/demo-request/marketing/virtual-events/) of Cybrary for Teams to get started.__*




References

  1. https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodd/814001p.pdf?ver=2019-06-06-120639-863
  2. https://public.cyber.mil/cw/cwmp/steps-to-obtain-a-dod-8570-baseline-certification/
Request Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry