Description: This mid-level course provides students with a comprehensive understanding of how to apply and implement specific DOD Information Security policies and procedures to mitigate and manage risks associated with developing, managing, and evaluating a DOD Information Security Program (ISP). Lessons emphasize key Activity Security Manager (ASM) responsibilities in relation to protecting classified national security information (CNSI) and controlled unclassified information (CUI). This includes security classification, downgrading, declassification, safeguarding and handling, access and dissemination control, accountability, storage, disposal, destruction, transmission and transportation, security incidents, and security education and training awareness. Lessons also highlight effective program oversight procedures to include managing reporting requirements and implementing assessment tools. Students will engage in critical thinking and problem solving as they apply solutions to real-world information security processes, challenges, and issues related to managing an activity’s ISP.  

This virtual instructor-led training (VILT) course is delivered predominantly in an asynchronous environment via the Security Training, Education, and Professionalization Portal (STEPP), which is the Center for Development and Security Excellence’s (CDSE) learning management system.

Learning Objectives: This course enables students to: 

• Implement the fundamental policies and requirements of the ISP to effectively protect CNSI and CUI.
• Implement risk management to protect DOD assets from various types of threats and emergencies.
• Apply classification and marking guidance as outlined in policy to protect CNSI from unauthorized disclosure, loss, or compromise.
• Implement DOD policy requirements to protect information identified as CUI throughout its life cycle.
• Determine fundamental cybersecurity and information technology principles related to protecting CNSI and CUI.
• Determine effective measures and processes to handle, protect, safeguard, and manage CNSI and CUI as outlined in policy, standards, and best practices.
• Develop an effective Security Education and Training Awareness program that addresses policy requirements and identifies vulnerabilities or deficiencies.

Delivery Method: Virtual Instructor-led Training (VILT)

Length: 4 weeks

• Daily Time commitment: 2-4 hours per day
• Weekly Time commitment: 15-20 hours each week. The time commitment will depend on your experience with the DOD Information Security Program.
• Total Time commitment: 50-80 hours over the 4-week course.

Target Audience: This course is for DOD civilian, military, and contractor personnel with primary duties as an activity security manager, information security program specialist, or manager within a DOD Component ISP. Students are expected to have a functional working knowledge of the DOD ISP.

Requirements:

• Clearance Requirements: N/A
• Attendance Requirements: Participate in and complete the asynchronous prerequisite eLearning courses. Course activities and assignments will require critical thinking, analysis of regulatory guidance, and application of key concepts through the perspective of scenarios. For that reason, students should consider the ability to commit the appropriate amount of time each week to be successful in the course. If possible, being in a training status part-time, or at least one day each week, may be beneficial, depending on a student’s experience level with the content.
• Exam Requirements: Students must earn a 75 percent average to pass the exam.
• Course Cumulative Grade: Students must earn a 75 percent average on all assignments to include practical exercises, activities, discussion questions, the final capstone, and final exam to pass the course and earn a certificate of completion.

Prerequisites: Students must complete the following prerequisites before enrolling in the VILT:

• Introduction to Information Security (IF011.16)
• Original Classification (IF102.16)
• Derivative Classification (IF103.16)
• Marking Special Categories of Classified Information (IF105.16)
• Security Classification Guidance (IF101.16)
• Transmission and Transportation for DOD (IF107.16)
• Storage Containers and Facilities (PY105.16)
• Risk Management for DOD Security Programs (GS102.16)
• Information Security Emergency Planning (IF108.06)
• Introduction to the Risk Management Framework (RMF) (CS124.16)
• Unauthorized Disclosure (UD) of Classified Information and Controlled Unclassified Information (CUI) (IF130.16)
• Classification Conflicts and Evaluations (IF110.06)
• Developing a Security Education and Training Program (GS104.16)
• DOD Mandatory Controlled Unclassified Information (CUI) Training (IF141.06)

Credits Recommended/Earned:

• ACE Credit Recommendation: (What's this?): N/A 
• Professional Development Units per SPēD: PDUs are determined by length of course and IAW with current Certification Maintenance Guidelines
• Continuing Education Units (CEUs): Contact CompTIA to find out about CEUs for this course.

System Requirements: Check if your system is configured appropriately to use STEPP.

IF STEPP DOES NOT RECOGNIZE THE PREREQUISITE COURSE, CONTACT THE  Help Desk. 

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.