UNCLASSIFIED//

ATTENTION INVITED TO  

ROUTINE

R 291904Z MAR 12 PSN 705170H20

FM CNO WASHINGTON DC

TO NAVADMIN
ZEN//OU=DOD/OU=NAVY/OU=ADDRESS LISTS(UC)/CN=AL NAVADMIN(UC)

INFO CNO WASHINGTON DC

BT
UNCLAS
***THIS IS A 2 SECTION MESSAGE COLLATED BY OIX GATEWAY HONOLULU HI*** QQQQ

SUBJ: NAVY INFORMATION ASSURANCE WORKFORCE AND OPERATING SYSTEM/COMPU TING 
ENVIRONMENT CERTIFICATIONS// UNCLASSIFIED/ PASS TO ALL OFFICE CODES:
FM CNO WASHINGTON DC
TO NAVADMIN
INFO CNO WASHINGTON DC//N2N6//
UNCLAS//N01300//
NAVADMIN 107/12

MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/MAR//

SUBJ/NAVY INFORMATION ASSURANCE WORKFORCE AND OPERATING SYSTEM/ COMPUTING 
ENVIRONMENT CERTIFICATIONS//

REF/A/DOC/DON CIO/08FEB2012//
REF/B/DOC/OSD/DOD 8570.01?M, CHANGE 3/24JAN2012//
REF/C/DOC/DON CIO/28FEB2011//
REF/D/MSG/CNO WASHINGTON DC/061348Z OCT 11//

NARR/REF A UPDATED THE COMMERCIAL OPERATING SYSTEM/COMPUTING ENVIRONMENT 
(OS/CE) CERTIFICATION PROCESS FOR THE DEPARTMENT OF THE NAVY (DON).  REF B IS 
THE DOD INFORMATION ASSURANCE WORKFORCE IMPROVEMENT MANUAL.  REF C IS GUIDANCE 
ON CIVILIAN COMMERCIAL CERTIFICATION COMPLIANCE. REF D IS NAVADMIN 298/11 
WHICH EXTENDED THE DEADLINES FOR COMPLETING THE NAVY ENLISTED CLASSIFICATION 
(NEC)
2791 DELTA TRAINING PROCESS, MANDATORY CONVERSION OF NEC 2735 TO NEC 2791, AND 
ECHELON II REPORTING ON THESE CONVERSIONS.// POC/EVERETTE, THERESA/CIV/UNIT: 
OPNAV N2N6/WASHINGTON DC/TEL:
703-604-6289/EMAIL: theresa.m.everette@navy.mil// POC/KNIGHT, 
HENRY/CIV/UNIT: NAVCYBERFOR/VIRGINIA BEACH, VA/TEL: 757-417-6757 X2/EMAIL: 
henry.knight@navy.mil//

RMKS/1.  IAW REF A, THIS NAVADMIN UPDATES OS/CE CERTIFICATION REQUIREMENTS FOR 
THE INFORMATION ASSURANCE WORKFORCE (IAWF), HEREAFTER IDENTIFIED AS THE 
CYBERSECURITY WORKFORCE (CSWF).  THIS GUIDANCE APPLIES TO CIVILIAN (INCLUDING 
CONTRACTORS) AND MILITARY PERSONNEL WORKING IN CYBERSECURITY/INFORMATION 
ASSURANCE (IA) AND DESIGNATED AS:
A.  INFORMATION ASSURANCE TECHNICAL (IAT) 
B.  COMPUTER NETWORK DEFENSE/SERVICE PROVIDER (CND/SP) (DOES NOT INCLUDE 
DESIGNATED CND/SP MANAGERS) 
C. INFORMATION ASSURANCE SECURITY ARCHITECT AND ENGINEER (IASAE) 
D. PERSONNEL WHO PERFORM IAT FUNCTIONS REGARDLESS OF OCCUPATIONAL SERIES 
CLASSIFICATION, RATING, OR DESIGNATOR.

2.  THIS UPDATE DOES NOT CHANGE IA CERTIFICATION REQUIREMENTS.  THE COMMERCIAL 
IA CERTIFICATION REQUIREMENTS OF REF B REMAIN IN EFFECT.
FOR EXAMPLE, INFORMATION ASSURANCE MANAGEMENT (IAM) LEVEL I OR IAT LEVEL II 
STILL REQUIRE SECURITY PLUS CERTIFICATION OR EQUIVALENT TO MEET THE IA 
CERTIFICATION REQUIREMENT.

3.  REVISED OS/CE CERTIFICATION GUIDANCE.  CONSISTENT WITH REF A AND EFFECTIVE 
IMMEDIATELY, COMMERCIAL OS/CE CERTIFICATIONS ARE NO LONGER THE REQUIRED METHOD 
FOR SATISFYING REF B OS/CE REQUIREMENTS FOR NAVY IAT, CND-SP AND IASAE 
PERSONNEL.  COMMERCIAL CERTIFICATIONS MAY CONTINUE TO BE USED TO SATISFY THE 
OS/CE REQUIREMENTS, ALTHOUGH THEY ARE NO LONGER THE ONLY MEANS OF MEETING THIS 
REQUIREMENT.  WHILE IAT, CND?SP AND/OR IASAE PERSONNEL WITH PRIVILEGED ACCESS 
MUST STILL OBTAIN TRAINING FOR THE OS AND/OR SECURITY RELATED TOOLS/DEVICES 
USED WITHIN THEIR RESPECTIVE ORGANIZATIONS, COMMERCIAL OS/CE CERTIFICATIONS 
ARE NOT REQUIRED. THE FOLLOWING APPLIES:
A.  IN LIEU OF COMMERCIAL CERTIFICATION, A CERTIFICATE OF COMPLETION IS 
REQUIRED FROM AN AUTHORIZED TRAINING COURSE LIST, WHICH IS POSTED ON THE TOTAL 
WORKFORCE MANAGEMENT SERVICES (TWMS) CSWF WEB TOOL, AND WILL BE POSTED ON THE 
CYBERLINK CSWF RESOURCES PAGE AT 
HTTPS://WWW.PORTAL.NAVY.MIL/CYBERFOR/IAWF/DEFAULT.ASPX WITHIN 30 DAYS.
B.  TO CERTIFY AS NAVY IAT, CND-SP AND IASAE, CSWF MEMBERS MUST COMPLETE THE 
EQUIVALENT LEVEL TRAINING COURSE(S) WITH A SCORE THAT MEETS THE MINIMUM 
REQUIRED BY THE GOVERNING BODY, I.E., MICROSOFT, AND THEIR APPROVED TRAINING 
PARTNERS.  COURSE COMPLETION CERTIFICATES MAY BE ELECTRONIC/DIGITAL IF 
DOCUMENTED BY LEARNING MANAGEMENT SYSTEMS THAT HAVE A DATA EXCHANGE AGREEMENT 
WITH TWMS CSWF MODULE.
C.  IF DESIRED, ACTIVE DUTY PERSONNEL MAY STILL USE NAVY CREDENTIALING 
OPPORTUNITIES ONLINE TO ATTAIN OS/CE CERTIFICATIONS.

4.  ACTIONS.
A.  COMMANDERS AND COMMANDING OFFICERS SHALL:
(1) ICO CIVILIANS, EXECUTE THE PROVISIONS IN PARAGRAPH 4 OF REF C (LOCATED AT: 
HTTP://WWW.DONCIO.NAVY.MIL/POLICY.ASPX).
(2) REVIEW CSWF MILITARY MEMBER QUALIFICATIONS AND DUTIES TO ENSURE COMPLIANCE 
WITH THIS MESSAGE.
(3) WITHIN NINETY DAYS OF THIS NAVADMIN, ENSURE THAT ALL PERSONNEL ASSIGNED TO 
CSWF POSITIONS HOLD THE APPROPRIATE DOCUMENTATION AS
FOLLOWS:
(A) IF ASSIGNED AS A COMMAND IAM, A LETTER OF DESIGNATION SIGNED BY THE 
COMMANDER/COMMANDING OFFICER.
(B) IF ASSIGNED AS AN INFORMATION ASSURANCE OFFICER (IAO), A LETTER SIGNED BY 
THE COMMAND IAM OR COMMANDER/COMMANDING OFFICER THAT DELINEATES ASSIGNED IA 
RESPONSIBILITIES.
(C) IF THE MEMBER HAS PRIVILEGED ACCESS AS AN IAT, CND-SP OR IASAE, A SIGNED 
PRIVILEGED ACCESS AGREEMENT (PAA) FOR THE SYSTEMS/NETWORKS TO WHICH PRIVILEGED 
ACCESS HAS BEEN GRANTED, MUST BE HELD BY THE COMMAND IAM.
B.  CSWF PERSONNEL WHO HAVE BEEN IN THEIR ASSIGNED POSITIONS FOR SIX MONTHS OR 
LONGER MUST BE FULLY QUALIFIED PER REF B AND AS MODIFIED BY THIS NAVADMIN.  
CSWF PERSONNEL WHO HAVE NOT FULLY CERTIFIED FOR THEIR QQQQ RESPECTIVE 
POSITIONS AFTER SIX MONTHS FROM THE DATE OF THIS NAVADMIN SHALL BE PLACED INTO 
ONE OF THE FOLLOWING CATEGORIES:
(1) SIX MONTH WAIVER:  PERSONNEL IN THIS CATEGORY MUST HAVE AN APPROVED 
INDIVIDUAL DEVELOPMENT PLAN (IDP) THAT FACILITATES FULL QUALIFICATION DURING 
THE WAIVER PERIOD.  ADDITIONAL WAIVERS WILL NOT BE AUTHORIZED.
(2) UNDER SUPERVISION:  PERSONNEL IN THIS CATEGORY WILL PERFORM THEIR IA 
FUNCTIONS UNDER THE SUPERVISION OF A FULLY QUALIFIED INDIVIDUAL UNTIL THEIR 
RESPECTIVE POSITION REQUIREMENTS AND QUALIFICATIONS ARE SATISFIED.
(3) REMOVAL:  PERSONNEL, MILITARY AND CIVILIAN, IN THIS CATEGORY ARE REMOVED 
FROM THE POSITION REQUIRING IA RESPONSIBILITIES.  FOR  CIVILIAN CWSF 
PERSONNEL, FURTHER ACTION (E.G., REASSIGNMENT TO A NON-CSWF POSITION OR 
REMOVAL FROM FEDERAL SERVICE) SHALL BE TAKEN AS APPROPRIATE IN CONSULTATION 
WITH COMMAND COUNSEL AND THE SERVICING CIVILIAN PERSONNEL OFFICE.
C.  IN COLLABORATION WITH ECHELON II IAMS AND IAWF PROGRAM MANAGERS, 
NAVYCYBERFOR WILL DEVELOP A LIST OF AUTHORIZED COURSES WITHIN 30 DAYS TO MEET 
NAVY OS/CE REQUIREMENTS.  FLEET/FIELD REQUESTS TO ADD  OPERATING SYSTEM OR 
DEVICE AND/OR TOOL TRAINING COURSES TO THE AUTHORIZED LIST SHALL BE SUBMITTED 
TO NAVCYBERFOR BY ECHELON II IAMS OR IAWF PROGRAM MANAGERS. NAVCYBERFOR WILL 
ENSURE THE TWMS IAWF/CSWF MODULE REMAINS CURRENT.
D.  COMMANDER, NAVAL INSTALLATIONS COMMAND AND NAVCYBERFOR WILL UPDATE THE 
TWMS IAWF MODULE AND INCORPORATE TRACKING AND REPORTING TO  IMPLEMENT THIS 
CHANGE IN POLICY.
E.  NAVYCYBERFOR WILL UPDATE ASSOCIATED NAVY ENLISTED CLASSIFICATION CODE 
(NEC) PRODUCING COURSES TO REFLECT THIS CHANGE IN POLICY.  REF D WILL LIKEWISE 
BE MODIFIED SEPMSG TO INCORPORATE THESE MODIFICATIONS.

5.  COMPLIANCE WITH THIS NAVADMIN WILL BE VERIFIED DURING ALL STAGES OF FLEET 
CYBER COMMAND'S CYBER SECURITY INSPECTION AND CERTIFICATION  PROGRAM.

6.  RELEASED BY VADM KENDALL L. CARD, DCNO FOR INFORMATION DOMINANCE, N2N6.//

BT
#3794
NNNN
UNCLASSIFIED//