cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bjf1
Newcomer I

DoD 8140 and CISSP

I currently hold a CISSP.

 

Referring to DoD 8140 IT qualification matrix (https://public.cyber.mil/wid/dod8140/qualifications-matrices/), many roles are qualified with a SSCP but not a CISSP. Does this mean I would need to ALSO earn a SSCP to qualify for these? In the 8570, CISSP was considered a "superset" of SSCP so anything that required a SSCP could be met with a CISSP. Is this no longer the case?

 

A lot of work roles are impacted! Example of a few:

 

451 System Admin/Basic (because SSCP is listed for Intermediate)

451 System Admin/Intermediate

 

671 System Testing and Evaluation Specialist/Basic

671 System Testing and Evaluation Specialist/Intermediate

 

632 Systems Developer/Basic

632 Systems Developer/Intermediate

632 Systems Developer/Advanced

 

411 Technical Support Specialist/Basic

411 Technical Support Specialist/Intermediate

411 Technical Support Specialist/Advanced

 

and so many others!

3 Replies
DiSangue
Viewer

The short answer is no, you do not need to earn SSCP in addition to CISSP. A CISSP will qualify you for multiple roles at different levels. Most of the time, these are minimum requirements.

 

For example, if we look at 451-System Administrator, a Security+ or SSCP would be a minimum requirement but CISSP would also meet this requirement dependant on the Grade that the SA is being highed at. I'm currently an IT Manager (DoD) and review contracts and/or hiring actions, I must ensure this minimum requirement has been met.

 

With the new 8140, there are a lot of nuanse to meet requirements. For the longest time, Security+ was the defacto minimum standard.

bjf1
Newcomer I

Thank you so much for your response DiSangueViewer.

 

Is there some place this is documented? I searched extensively and wasn't able to find anything stating that a CISSP would qualify for an SSCP qualification in the DoD 8140 requirements.

bjf1
Newcomer I

I really hope we can find some DoD documentation on this as stated in the previous reply. As a follow-on, even the ISC2 website seems to indicate that CISSP does not qualify for SSCP. For example, at https://www.isc2.org/Insights/2024/07/How-Does-US-DoD-8140-Impact-CISSPs  shows what is met with CISSP and System Administrator is NOT listed under IT (Cyberspace). 

 

Have you seen DoD documentation that says that CISSP meets SSCP qualifications for 8140?