 NSTSSI Security Education Standards |
| NSTSSI Security Education Standards |
SECTION II - APPLICABILITY
2. National Security Telecommunications and Information Systems Security Directive
(NSTISSD) No. 501 establishes the requirement for federal departments and agencies to
implement training programs for INFOSEC professionals. As defined in NSTISSD 501, an
INFOSEC professional is an individual responsible for the security oversight or management of
national security systems during phases of the life cycle. That directive is being implemented in
a synergistic environment among departments and agencies which are committed to satisfying
these INFOSEC education and training requirements in the most effective and efficient manner
possible. This instruction is the continuation of a series of minimum training and education
standards being developed to assist departments and agencies in meeting their responsibilities
in these areas (NSTISSI Nos. 4011, 4012, 4013, and 4014). The definitions for words used in
this instruction are derived from the National INFOSEC Glossary, NSTISSI No. 4009. The
references pertinent to this instruction are listed in ANNEX B. Other documents which can be
used in conjunction with this document are listed in ANNEX C.
3. The body of knowledge listed in this instruction may be obtained from a variety of
sources, i.e., the National Cryptologic School, the General Services Administration (Office of
Information Security), and Government contractors, as well as from adaptations of existing
department/agency training programs, or from a combination of experience and formal training.
ANNEX A lists the minimal INFOSEC performance standard for an SA.
4. This instruction is applicable to all departments and agencies of the U.S.
Government and their contractors responsible for the development and implementation of
training for System Administrators in the disciplines of telecommunications and IS security.