Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bjf1
Newcomer I
‎10-29-2024 10:19 AM
‎10-29-2024 10:19 AM

DoD 8140 and CISSP

I currently hold a CISSP.

 

Referring to DoD 8140 IT qualification matrix (https://public.cyber.mil/wid/dod8140/qualifications-matrices/), many roles are qualified with a SSCP but not a CISSP. Does this mean I would need to ALSO earn a SSCP to qualify for these? In the 8570, CISSP was considered a "superset" of SSCP so anything that required a SSCP could be met with a CISSP. Is this no longer the case?

 

A lot of work roles are impacted! Example of a few:

 

451 System Admin/Basic (because SSCP is listed for Intermediate)

451 System Admin/Intermediate

 

671 System Testing and Evaluation Specialist/Basic

671 System Testing and Evaluation Specialist/Intermediate

 

632 Systems Developer/Basic

632 Systems Developer/Intermediate

632 Systems Developer/Advanced

 

411 Technical Support Specialist/Basic

411 Technical Support Specialist/Intermediate

411 Technical Support Specialist/Advanced

 

and so many others!

Reply
0 Kudos
5 Replies
DiSangue
Reader I
‎10-29-2024 11:04 AM
‎10-29-2024 11:04 AM

The short answer is no, you do not need to earn SSCP in addition to CISSP. A CISSP will qualify you for multiple roles at different levels. Most of the time, these are minimum requirements.

 

For example, if we look at 451-System Administrator, a Security+ or SSCP would be a minimum requirement but CISSP would also meet this requirement dependant on the Grade that the SA is being highed at. I'm currently an IT Manager (DoD) and review contracts and/or hiring actions, I must ensure this minimum requirement has been met.

 

With the new 8140, there are a lot of nuanse to meet requirements. For the longest time, Security+ was the defacto minimum standard.

Reply
bjf1
Newcomer I
‎10-29-2024 01:11 PM
‎10-29-2024 01:11 PM

Thank you so much for your response DiSangueViewer.

 

Is there some place this is documented? I searched extensively and wasn't able to find anything stating that a CISSP would qualify for an SSCP qualification in the DoD 8140 requirements.

Reply
0 Kudos
bjf1
Newcomer I
‎10-29-2024 01:17 PM
‎10-29-2024 01:17 PM

I really hope we can find some DoD documentation on this as stated in the previous reply. As a follow-on, even the ISC2 website seems to indicate that CISSP does not qualify for SSCP. For example, at https://www.isc2.org/Insights/2024/07/How-Does-US-DoD-8140-Impact-CISSPs  shows what is met with CISSP and System Administrator is NOT listed under IT (Cyberspace). 

 

Have you seen DoD documentation that says that CISSP meets SSCP qualifications for 8140?

Reply
0 Kudos
Kaity
Community Manager
Community Manager
3 weeks ago
3 weeks ago

Hi all!

 

We're working on an article about the impact of 8140 (replacing 8570) and how it might effect individuals moving upward in their roles, or help bring folks to the cyber roles. If anyone has thoughts on the matter and would like to be included in our article, please give me a shout! 

Reply
0 Kudos
bjf1
Newcomer I
3 weeks ago
3 weeks ago

I see several potential concerns, but am waiting for clarifications as the standards develop. I am hoping that the DoD will allow CISSP to be grandfathered in for roles that it was accepted for under 8570 (like System Admin) because if not, it will cause massive impacts for contracting organizations and the people serving in those roles.

Reply
0 Kudos