CYBER INFORMATION TECHNOLOGY AND CYBERSECURITY WORKFORCE TRANSITION TO SECNAVINST 5239.20A:
R 081550Z JAN 19
FM CNO WASHINGTON DC
INFO CNO WASHINGTON DC
PASS TO OFFICE CODES:
FM CNO WASHINGTON DC//N2N6//
INFO CNO WASHINGTON DC//N2N6//
MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/JAN//
SUBJ/CYBER INFORMATION TECHNOLOGY AND CYBERSECURITY WORKFORCE TRANSITION TO
REF/B/DOC/NIST SPECIAL PUB 800-181/AUG17//
NARR/REF(A) IS AN OFFICE OF PERSONNEL MANAGEMENT LETTER OUTLINING AND
PROVIDING IMPLEMENTATION GUIDANCE FOR THE FEDERAL CYBERSECURITY WORKFORCE
ASSESSMENT ACT OF 2015;
REF (B) IS THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY SPECIAL
PUBLICATION 800-181 NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION
CYBERSECURITY WORKFORCE FRAMEWORK AND OUTLINES 54 CYBER WORK ROLES, THEIR
ASSOCIATED TASKS AND REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES;
REF (C) IS THE DEPARTMENT OF DEFENSE CYBER WORKFORCE FRAMEWORK AND BUILDS ON
THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY SP 800-181 AND ADDRESSES
UNIQUE DOD MISSIONS AND TASKS, DIRECTING THAT THESE CODES BE APPLIED TO
MEMBERS OF THE DEFENSE CYBERSECURITY WORKFORCE;
REF (D) IS THE DoDD 8140.01 CYBERSPACE WORKFORCE MANAGEMENT 11 AUGUST
2015 AND SUPERSEDES REF (E) AND BEGINS THE TRANSITION PROCESS FROM THE
INFORMATION ASSURANCE WORKFORCE TOWARD A MUCH BROADER CYBER WORKFORCE
REF (E) IS THE DOD 8570.01 CYBERSECURITY WORKFORCE IMPROVEMENT PROGRAM DATED
REF (F) IS THE SECNAVINST 5239.20A, DEPARTMENT OF THE NAVY CYBERSPACE
INFORMATION TECHNOLOGY AND CYBERSECURITY WORKFORCE MANAGEMENT AND
QUALIFICATION, 10 FEBRUARY 2016;
REF (G) IS THE JUNE 2016 SECNAV M-5239.2 DEPARTMENT OF NAVY CYBERSPACE
INFORMATION TECHNOLOGY AND CYBERSECURITY WORKFORCE MANAGEMENT AND
REF (F) AND (G) PROVIDES IMPLEMENTATION AND QUALIFICATION GUIDANCE FOR THE
DEPARTMENT OF THE NAVY CYBER INFORMATION TECHNOLOGY/CYBERSECURITY WORKFORCE;
REF (H) IS THE 2 JULY 2018 DOD CIO WAIVER FROM THE REQUIREMENTS OF THE DOD
8570.01M GRANTING THE NAVY PERMISSION TO IMPLEMENT THE SECNAV M-5239.2;
REF (I) IS AN OPNAV LETTER ON NAVY CREDENTIALING OPPORTUNITIES ON-LINE
GUIDANCE FOR APPROVING NAVY CYBERSECURITY WORKFORCE VOUCHERS.//
POC/VIEIRA/CIV/OPNAV N2N6G11/-/TEL: (703) 695-7809/DSN: 225-7809/
RMKS/1. This NAVADMIN outlines the Navy’s implementation process and
timelines for transitioning to a new Cybersecurity Workforce (CSWF) framework
(references a through f germane) as outlined in reference (g). The
Department of the Navy obtained a Department of Defense(DoD) Office of the
Chief Information Officer waiver from the DoDM 8570.01 requirements for
military and civilians, reference (h), allowing implementation of the Cyber
Information Technology /Cybersecurity Workforce (Cyber IT/CSWF) management
and qualification program detailed in references (f) and (g). The Navy will
transition from reference (e) to reference (f) in three phases over an 18-
month time period. The contractor workforce remains governed by DoDM 8570.01
2. The Navy will employ a three-phased transition approach. Phase I
includes actions necessary to establish the transition foundation. Many of
these actions are ongoing. Phase I will be completed by Fiscal Year (FY)
2019, fourth quarter. Phase II begins in the fourth quarter FY 2019 and will
conclude fourth quarter FY 2020. Phase III includes sustainment and
continuous improvement actions that will continue for the program lifecycle.
The phasing plan does not preclude commands from moving to sustainment
3. This transition will generate lessons-learned and implementation actions
that differ from references (f) and (g). Interim execution guidance will be
issued by Director, Navy Cybersecurity Division (OPNAV N2N6G) and formalized
via revisions of references (f) and (g). Copies of program execution
documents and templates assisting commands in setting up and maintaining
their Cyber IT/CSWF qualification programs will be available in the reference
section of the U.S. Naval Information Forces (NAVIFOR) CSWF home page at:
/home.aspx. A common access card, using the e-mail credential, is required
to access this site.
4. Phase I. Cyber Workforce (OPNAV N2N6G1) will lead Phase I actions in
consultation with NAVIFOR (Office of Primary Responsibility), Echelon II and
III CSWF Program Managers, Office of Chief Human Resources (OCHR), and Deputy
Chief of Naval Operations for Manpower, Personnel, Training and Education.
Key actions include but may not be limited to the following:
a. OPNAV N2N6G1 develops and implements a formal process communicating
implementation details, status, and required changes, including a regularly
scheduled in progress reviews on transition progress.
b. Outline procedures for assessing employee proficiency levels.
c. Establish an OPNAV N2N6G1 and OCHR transition working group
addressing Human Resource issues including union notifications for both the
National Capital Region and local bargaining units.
d. Update and publish an integrated CSWF Management Oversight Compliance
Committee/Training, Education, and Certification Advisory Team charter.
e. Evaluate and validate qualification requirements including
foundational, residential, and continuing education. This includes
clarifying experience and using personnel qualification standards for
f. Monitor Manpower offices completion and reconciliation of military
billet coding in the Total Force Manpower Management System (TFMMS).
g. Monitor OCHR completion of civilian billet coding in the Defense
Civilian Personnel Data System and reconcile in TFMMS.
h. Staff updates and draft SECNAV and OPNAV Cyber IT/CSWF policy as
needed to support workforce management.
i. Identify funding, validate functionality and review business rules for
the Total Workforce Management System (TWMS) CSWF module.
j. Reference (i) remains in effect throughout the transition period and
will be reevaluated during program sustainment.
5. Phase II. This phase is required for all Navy commands with Cyber
IT/CSWF personnel. Key actions include but may not be limited to the
a. Ensure Cyber IT/CSWF cyber work role codes in Total Workforce
Management System (TWMS) are the same as the Cyber work roles code in TFMMS.
b. Update civilian Cyber IT/CSWF position descriptions including the
work role assignment and the condition of employment statement found in
reference (g) Chapter 3 b (g) 1. Use templates found at NAVIFOR web page for
minimum mandatory language.
c. Commands notify employees, in writing, that they are in the Cyber
IT/CSWF. Assign them a work role and provide employees with a list of
foundational and residential qualification requirements found in appendix 4
of reference (g).
d. Enter and validate personnel qualifications in TWMS. Determine
individual qualification status and implement process to qualify personnel
not later than one year after the employee is notified by human resources
that they are a member of the Cyber IT/CSWF.
Maintain and revise qualification information as required in TWMS.
e. Update individual development plans for personnel that do not meet
the qualification requirements with a qualification plan and date. Employees
failing to meet qualification standards are subject to local policies and
f. NAVIFOR analyzes TWMS data, identify gaps, and significant trends.
Formulate corrective courses of action and recommendations.
6. Phase III. Execute SECNAV M-5239.2 and related OPNAV issuances.
a. Ensure all new Cyber IT/CSWF billets are properly coded in TFMMS and
TWMS. Ensure changes to billet coding are made as necessary.
b. Ensure TWMS data is updated and maintained accurately depicting
qualification status of all personnel assigned to Cyber IT /CSWF billets.
c. Ensure Cyber IT/CSWF personnel meet continuous learning requirements.
d. When new systems or software is deployed ensure personnel assigned to
Cyber IT and CSWF billets complete new or revised training and on the job
qualification, as necessary.
e. Ensure personnel newly assigned to Cyber IT/CSWF billets complete
qualification in accordance with the Secretary of the Navy and Office of the
Chief of Naval Operations policy.
7. Released by VADM Matthew J. Kohler, Deputy Chief of Naval Operations for
Information Warfare, OPNAV N2N6.//