cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Althaeis
Newcomer I

Re: Understanding Associate of (ISC)2 Status

You can tell the contract/ DoD that you have passed the test and are at associate level status, they will understand as it happens all the time with military members as well. Speaking from experience as a DoD Contractor so long as you have passed the certification test the DoD/CTR's will see you as having the "cert" just show proof with the ISC2 Acclaim badge and you should be good to go.

RRoach
Newcomer III

Re: Understanding Associate of (ISC)2 Status

Best way might be to contact the company program manager to obtain information from the agency contracting officer. Reason being is government contracts are written to specific labor category and position requirements. I have not seen any acceptance of Associate status from any government website.

 

FYI that every contract I have been on always required the nice and shiny embossed certificate or a copy of it (pdf).

 

 

As others mentioned include it on the resume, LinkedIn, etc.

Best of luck and keep charging ahead.  

CraginS
Defender I

Re: Understanding Associate of (ISC)2 Status


@RRoach wrote:

Best way might be to contact the company program manager to obtain information from the agency contracting officer. Reason being is government contracts are written to specific labor category and position requirements. I have not seen any acceptance of Associate status from any government website.

 

It is highly unlikely that any DoD contract specifically requires a CISSP. Rather, I would wager that the contract language requires the participating cybersecurity employees hold the appropriate credentials under the doD 8570 or DoDR 8140 workforce program to perform at specified IAT or IAM levels. 

In that case, it has been clear for many years that "CISSP (or Associate)" meets all IAT and IAM levels.

So, I am quite confident that holding Associate of (ISC)2 status will fully meet the contractual requirement.

 

Added 5/7/21: You will not find the language mandating cybersecurity certification explicitly in the contracts from DoD. The requirements are specified in section 239.7102-1 of the DFARS (Defense Federal Acquisition Regulation Supplement) which cites DoD Directive 8140.01and are stated by an inclusion citation in the contact itself. This is a common practice for many common requirements for all DOD contracts. Similar procedures citing sections of the FAR are found in contracts with other federal departmetns and agencies.

 

 

Craig

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
RRoach
Newcomer III

Re: Understanding Associate of (ISC)2 Status

Confirmed on gov website and wasn't able to post yesterday after my initial comment.

 

CISSP (associate) is listed for:

IAT (III) note: "not IAT I or II"

IAM (II/III)

IASAE (I/II).

 

And yes, contracts I have seen usually just have the 8570 disclaimer.

 

Recommend:

-get a copy of the 8570 website page (pdf) showing all the certs per IAT/IAM level

-get a copy of the status/associate cert from ISC2

a.  If on contract:  Provide the info to the PM to work it out with the COTAR. COTAR is the one who approves any new/replacement staff on contract.

b.  If not on contract:  Provide to recruiter/staffing company for position you are applying for.

 

Let us know how you make out,

Rob

 

 

CraginS
Defender I

Re: Understanding Associate of (ISC)2 Status


@RRoach wrote:

Confirmed on gov website and wasn't able to post yesterday after my initial comment.

 

CISSP (associate) is listed for:

IAT (III) note: "not IAT I or II"

IAM (II/III)

IASAE (I/II).

 


 

Rob,

CISSP (Associate) DOES qualify for IAT I and IAT II, and also for IAM I. Higher certs trickle down to lower levels, but not for CSSP and IASAE levels.

See the notes on DoD Approved 8570 Baseline Certifications

 

"Higher level IAT and IAM certifications satisfy lower level requirements. Certifications listed in Level II or III cells can be used to qualify for Level I. However, Level I certifications cannot be used for Level II or III unless the certification is also listed in the Level II or III cell."

...

"Higher level CSSP and IASAE certifications do not satisfy lower level requirements"

 

Craig

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
RRoach
Newcomer III

Re: Understanding Associate of (ISC)2 Status

Verified below the table. Thanks for adding that in as well.

 

I can recall actually having this convo a few years back and even though I had a CISSP, I was informed the position would need a Security +.

 

Just in case, because the way the contracts are written and interpretation of PMs and COTARS as well as even recruiters, I would recommend getting a copy of the web page that includes those disclaimers as well (which is the same page listing all the certs) and/or send them the link or maybe just a snippet of the CERTs, disclaimer, and URL to the website for the gov peeps to verify.

 

Kind of funny but I will probably end up making something similar for myself as well.