Strategic Security Intelligence

NSTSSI Security Education Standards


Top - Help

Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved

                                  SECTION II - APPLICABILITY
      2.     National Security Telecommunications and Information Systems Security
Directive (NSTISSD) No. 501 establishes the requirement for federal departments and
agencies to implement training programs for information systems security (INFOSEC)
professionals. As defined in NSTISSD No. 501, an INFOSEC professional is an individual
responsible for the security oversight or management of national security systems during
phases of the life-cycle. That directive is being implemented in a synergistic environment
among departments and agencies committed to satisfying these INFOSEC education and
training requirements in the most effective and cost efficient manner possible. This
instruction is the continuation of a series of minimum training and education standards
being developed to assist departments and agencies in meeting their responsibilities in
these areas (NSTISSI Nos. 4011, 4012, 4013 and 4014). Concomitant capabilities required
by the System Certifiers to perform the job functions competently are provided in ANNEX B
of this instruction. The definitions for terminology used in this instruction are derived from
the National INFOSEC Glossary, NSTISSI No. 4009. The references pertinent to this
instruction, as well as other documents which can be used in conjunction with it, are listed
in ANNEX C.     

      3.     The body of knowledge required by this instruction may be obtained from a
variety of sources, i.e., Defense Information Systems Agency (DISA), National Ssecurity
Agency (NSA), and Government contractors, as well as from adaptations of existing
department/agency education and training programs, or from a combination of experience
and formal training. ANNEX A lists the minimal INFOSEC performance standard for a
System Certifier.

      4.     This instruction is applicable to all U.S. Government departments and agencies
as well as Government contractors responsible for the development and implementation of
education and training for telecommunications and IS security System Certifiers.