Description: This mid-level course provides students with a comprehensive understanding of how to apply and implement specific DOD Information Security policies and procedures to mitigate and manage risks associated with developing, managing, and evaluating a DOD Information Security Program (ISP). Lessons emphasize key Activity Security Manager (ASM) responsibilities in relation to protecting classified national security information (CNSI) and controlled unclassified information (CUI). This includes security classification, downgrading, declassification, safeguarding and handling, access and dissemination control, accountability, storage, disposal, destruction, transmission and transportation, security incidents, and security education and training awareness. Lessons also highlight effective program oversight procedures to include managing reporting requirements and implementing assessment tools. Students will engage in critical thinking and problem solving as they apply solutions to real-world information security processes, challenges, and issues related to managing an activity’s ISP.
This virtual instructor-led training (VILT) course is delivered predominantly in an asynchronous environment via the Security Training, Education, and Professionalization Portal (STEPP), which is the Center for Development and Security Excellence’s learning management system.
Learning Objectives: This course enables students to:
- Implement the fundamental policies and requirements of the ISP to effectively protect CNSI and CUI.
- Implement risk management to protect DOD assets from various types of threats and emergencies.
- Apply classification and marking guidance as outlined in policy to protect CNSI from unauthorized disclosure, loss, or compromise.
- Implement DOD policy requirements to protect information identified as CUI throughout its life cycle.
- Determine fundamental cybersecurity and information technology principles related to protecting CNSI and CUI.
- Determine effective measures and processes to handle, protect, safeguard, and manage CNSI and CUI as outlined in policy, standards, and best practices.
- Develop an effective Security Education and Training Awareness program that addresses policy requirements and identifies vulnerabilities or deficiencies.
Delivery Method: Virtual Instructor-led Training (VILT)
Length: 4 weeks, 2-3 hours per day or 40-60 hours
Target Audience: This course is for DOD civilian, military, and contractor personnel with primary duties as an activity security manager, information security program specialist, or manager within a DOD Component ISP. Students are expected to have a functional working knowledge of the DOD ISP.
Requirements:
- Clearance Requirements: N/A
- Attendance Requirements: Participate in and complete the asynchronous prerequisite eLearning courses.
- Exam Requirements: Students must earn a 75 percent cumulative grade average on all assignments to include practical exercises, activities, discussion questions, the final capstone, and final exam.
Prerequisites: Students must complete the following prerequisites before requesting to enroll in the VILT:
- Introduction to Information Security (IF011.16)
- Original Classification (IF102.16)
- Derivative Classification (IF103.16)
- Marking Special Categories of Classified Information (IF105.16)
- Security Classification Guidance (IF101.16)
- Transmission and Transportation for DOD (IF107.16)
- Storage Containers and Facilities (PY105.16)
- Risk Management for DOD Security Programs (GS102.16)
- Information Security Emergency Planning (IF108.06)
- Introduction to the Risk Management Framework (RMF) (CS124.16)
- Unauthorized Disclosure (UD) of Classified Information and Controlled Unclassified Information (CUI) (IF130.16)
- Classification Conflicts and Evaluations (IF110.06)
- Developing a Security Education and Training Program (GS104.16)
- DOD Mandatory Controlled Unclassified Information (CUI) Training (IF141.06)
Credits Recommended/Earned:
System Requirements: Check if your system is configured appropriately to use STEPP.
IF STEPP DOES NOT RECOGNIZE THE PREREQUISITE COURSE, CONTACT THE Help Desk.
CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.