NSTSSI Security Education Standards |
SECTION II - APPLICABILITY 2. National Security Telecommunications and Information Systems Security Directive (NSTISSD) No. 501 establishes the requirement for federal departments and agencies to implement training programs for information systems security (INFOSEC) professionals. As defined in NSTISSD No. 501, an INFOSEC professional is an individual responsible for the security oversight or management of national security systems during phases of the life-cycle. That directive is being implemented in a synergistic environment among departments and agencies committed to satisfying these INFOSEC education and training requirements in the most effective and cost efficient manner possible. This instruction is the continuation of a series of minimum training and education standards being developed to assist departments and agencies in meeting their responsibilities in these areas (NSTISSI Nos. 4011, 4012, 4013 and 4014). Concomitant capabilities required by the System Certifiers to perform the job functions competently are provided in ANNEX B of this instruction. The definitions for terminology used in this instruction are derived from the National INFOSEC Glossary, NSTISSI No. 4009. The references pertinent to this instruction, as well as other documents which can be used in conjunction with it, are listed in ANNEX C. 3. The body of knowledge required by this instruction may be obtained from a variety of sources, i.e., Defense Information Systems Agency (DISA), National Ssecurity Agency (NSA), and Government contractors, as well as from adaptations of existing department/agency education and training programs, or from a combination of experience and formal training. ANNEX A lists the minimal INFOSEC performance standard for a System Certifier. 4. This instruction is applicable to all U.S. Government departments and agencies as well as Government contractors responsible for the development and implementation of education and training for telecommunications and IS security System Certifiers.