FISCAL YEAR 2019 CYBERSECURITY AWARENESS CHALLENGE:

1 NAVADMINs are known that refer back to this one:
NAVADMIN ID Title
NAVADMIN 292/19 FISCAL YEAR 2020 CYBERSECURITY AWARENESS CHALLENGE
UNCLASSIFIED//
ROUTINE
R 221554Z OCT 18
FM CNO WASHINGTON DC
TO NAVADMIN
INFO CNO WASHINGTON DC
BT
UNCLAS
PASS TO OFFICE CODES:
FM CNO WASHINGTON DC//N2N6//
INFO CNO WASHINGTON DC//N2N6//

NAVADMIN 256/18

MSGID/GENADMIN/CNO WASHINGTON DC/N2N6/OCT//

SUBJ/FISCAL YEAR 2019 CYBERSECURITY AWARENESS CHALLENGE//

REF/A/MSG/CNO WASHINGTON DC/271706ZDEC17//
REF/B/DOC/SECNAVINST 5239.3C/2MAY16//
REF/C/MSG/CNO WASHINGTON DC/121446ZSEP18//
NARR/REF A IS NAVADMIN 314/17 PROVIDING GUIDANCE FOR THE FISCAL YEAR 2018 
(FY18) CYBERSECURITY AWARENESS TRAINING.  REF(B) IS THE SECRETARY NAVY 
INSTRUCTION DEPARTMENT OF THE NAVY (DON) CYBERSECURITY POLICY WHICH 
ESTABLISHES DON POLICY FOR CYBERSECURITY.  REF (C) IS NAVADMIN 226/18, FY19 
GENERAL MILITARY TRAINING REQUIREMENTS// POC/VIEIRA/CIV/OPNAV N2N6G11/-/TEL:  
(703) 695-7809 /E-MAIL:  michael.vieira@navy.mil//

RMKS/1.  This NAVADMIN supersedes reference (a) and provides guidance for the 
fiscal year 2019 Cybersecurity Awareness Challenge training requirement.  The 
current approved version of the training is Cyber Awareness Challenge (CAC) 
2018 (Note: CAC 2018 has also previously been referred to as CAC version 5).

2.  Per references (b) and (c), Navy personnel (military, civilian, and 
contractor) with access to unclassified or classified networks must complete 
the Department of Defense (DoD) employee version of the Cyber Awareness 
Challenge by 30 September 2019.  Navy personnel (military, civilian, and 
contractor) with access to Sensitive Compartmented Information must complete 
the Intelligence Community
(IC) version of the CAC.

3.  Defense Information Systems Agency (DISA) is expected to approve an 
updated version of the training (CAC 2019) in late 2018.  This version will 
include an option for facilitated delivery and test-out.

4.  Personnel who complete CAC 2018 after 1 October 2018 and prior to DISA 
approval and release of CAC 2019, satisfy the FY19 CAC General Military 
Training (GMT) requirement and will not be required to complete CAC 2019.  
Once CAC 2019 is approved and released, all remaining Navy personnel 
(military, civilian, and contractor) who have not satisfied FY19 CAC GMT must 
complete CAC 2019 by 30 September 2019.

5.  Authorized methods for training delivery:
    a.  Total Workforce Management Service (TWMS), 
https://twms.navy.mil/selfservice/login.asp;
    b.  Navy e-Learning (NEL), https://learning.nel.navy.mil; (Note:  The My 
Navy Portal, https://www.mnp.navy.mil/group/general-skills-training/gmt will 
also redirect users to the NEL link)
    c.  DISA Website, 
https://iatraining.disa.mil/eta/disa_cac2018/launchPage.htm;
    d.  Other approved training sources, DISA Digital Video Discs (DVDs).

6.  Ships can access the annual training from the NEL application hosted on 
the Navy Information/Application Product Suite (NIAPS) server, eliminating 
the need to reach back to shore hosted NEL websites.  The CAC 2018 (DoD 
employee and IC) courses are available via the NEL Afloat Learning Management 
System Pub Amendment 112 for download by the NIAPS Administrator using the 
normal manual NIAPS distance support update process.  If unable to download 
Learning Management System Pub Amendment 112, ships can request a DVD with 
these files to be mailed by submitting a support request to Navy 311.  
Additionally, CAC 2019 is available for pre-order from DISA.  To pre-order, 
download and submit a DoD Information Assurance Training and Awareness 
Product order form from 
http://iasecontent.disa.mil/eta/products_order_form.pdf.  Include a written 
note in the comments section to ask for "Cyber Awareness Challenge (CAC 2019) 
DVDs, when available.

7.  Although Cybersecurity Awareness Challenge training is an individual 
responsibility, commanders and commanding officers are accountable for 100 
percent certification of their personnel.  Training officers are responsible 
for ensuring their personnel complete and properly document the required 
training.  The Information System Security Manager (ISSM) is responsible for 
reporting compliance to meet Federal Information Security Modernization Act 
of 2014 requirements.

8.  Command training officers must validate training via TWMS or Fleet 
Training Management and Planning System (FLTMPS) 
(https://ntmpsweb.ncdc.navy.mil/fltmps/) authoritative databases.  Training 
officers will manually record training completed via the DISA website or DISA 
DVDs in FLTMPS using the Learning Event Completion Form.  Report any 
discrepancies to the Navy Training Management Planning System Operational 
Support office at ntmps.support@navy.mil or 1-866-438-2898/DSN 922-1867.

9.  Echelon II training officers are responsible for maintaining a list of 
personnel who fulfilled the training requirement in addition to compiling 
data in TWMS for their respective area of responsibility.  The command ISSM 
will disable accounts of users who do not complete the training by 30 
September 2019.

10.  This NAVADMIN will remain in effect until cancelled or superseded.

11.  Released by VADM Matthew J. Kohler, Deputy Chief of Naval Operations for 
Information Warfare, OPNAV N2N6//

BT
#0001
NNNN
UNCLASSIFIED//