Important note: As of February 2023, The U.S. Department of Defense has transitioned to Manual 8140.03 (DoDM 8140.03) cybersecurity workforce management framework. DoDM 8140.03 replaces DoD Directive 8570.01-M. Learn more about DoDM 8140.03 here.
If you work in an Information Assurance (IA) role within the United States Department of Defense (DoD), you likely need to meet DoD 8570 certification requirements.
What Is DoD 8570.01-Manual?
DoD Directive 8570.01-M is a policy that applies to all authorized users (both contractors and government employees) of a DoD Information System. This policy focuses on achieving a baseline of training, certification and workforce management for every individual before permitting access to DoD IT systems.
What Are The Required DoD 8570 Certifications?
Under DoD 8570, IA personnel must achieve one or more of the IA approved baseline certifications as it relates to that individual’s position category/specialty and level. The below chart outlines all of the approved certifications recognized under this policy.
DoD 8570.01-M Approved Baseline Certifications
| IAT Level I | IAT Level II | IAT Level III |
| A+ CE CCNA-Security CND Network+ CE SSCP | CCNA Security CySA+ GICSP GSEC Security+ CE CND SSCP | CASP+ CE CCNP Security CISA CISSP (or Associate) GCED GCIH CCSP |
| IAM Level I | IAM Level II | IAM Level III |
| CAP CND Cloud+ GSLC Security+ CE HCISPP | CAP CASP+ CE CISM CISSP (or Associate) GSLC CCISO HCISPP | CISM CISSP (or Associate) GSLC CCISO |
| IASAE I | IASAE II | IASAE III |
| CASP+ CE CISSP (or Associate) CSSLP | CASP+ CE CISSP (or Associate) CSSLP | CISSP-ISSAP CISSP-ISSEP CCSP |
| CSSP Analyst | CSSP Infrastructure Support | CSSP Incident Responder |
| CEH CFR CCNA Cyber Ops CCNA Security CySA+ GCIA GCIH GICSP Cloud+ SCYBER PenTest+ | CEH CySA+ GICSP SSCP CHFI CFR Cloud+ CND | CEH CFR CCNA Cyber Ops CCNA Security CHFI CySA+ GCFA GCIH SCYBER PenTest+ |
| CSSP Auditor | CSSP Manager | |
| CEH CySA+ CISA GSNA CFR PenTest+ | CISM CISSP-ISSMP CCISO |
4 Steps To Earn A DoD 8570 Baseline Certification
1. Contact Your IA Manager
Typically the first step to earning your required certifications is to contact your manager as outlined in your Component’s procedures. You should include your position, level and certification requirements within the IA Workforce.
2. Obtain Training From An Approved Provider
To obtain training through your organization, contact your manager or follow your organization’s process for obtaining training in order to receive the necessary approvals.
Keep in mind that while training can be obtained from any vendor, each certification provider has their own requirements for training and testing in order to obtain the required certification. It is recommended to work with the approved IA baseline certification vendors to identify appropriate training vendors.
Request Approved 8570 Certification Training From UMBC Training Centers!
3. Request Your Certification Exam Voucher
Similarly to training, you will likely need to request the appropriate certification exam voucher from your IA manager. This step may be included in the process for requesting training since many training providers include vouchers in their training course depending on the certification.
4. Notify Your Manager Once You Earned Your Certification
Once you have successfully completed training and earned your required certification, notify your manager or follow your organization’s approved process. It is important that your certification is appropriately documented to show IA Workforce compliance.