For DoD IT folks

[PsyOps]

Where I work, we’re apparently a little behind the curve. We just found out that the DoD changed the rules for security certifications and education. Within the DoD it’s a requirement that all IT people (military, civilians, and contractors) obtain at least a Security+ certification. I got mine a little over a year ago, and got in with a lifetime cert; meaning I don’t ever have to recertify again. Folks after a certain time have to recert every 3 years.

Fine and dandy… that is until the DoD stepped in and said every cert obtained before Jan 1 2011 will expire on Dec 31 2011 and you either have to recert – and do so every 3 years thereafter – before Jan 1 2012 or enroll in the CompTIA continuing education (CE) program. This program requires you pay $50 a year, in 3 year increments, and obtain a certain amount of credits in order to remain certified.

Now, I get the DoD wants IT folks to stay proficient in knowledge of network security, but this has all the makings of someone lining their pockets and Fraud Waste and Abuse. The whole certification process – whether it be CompTIA, MS, or Cisco – is a money-making racket anyway, but now the DoD has stepped in and forced every person to fork over $$$ that otherwise wouldn’t have had to do. And the best part is, the military and civilians folks will have theirs paid for by none other than YOU, the tax payer. Contractors will demand their companies pay the bill, forcing the cost of contracts to go up.

Just when our government is trying to cut spending. This could potentially cost in the hundreds of millions of dollars, just to maintain one single level of certification. For the military and civilians most IT training is maintained through Career Based Training (CBT) at very little cost to the government, now someone came along and thought this would be a brilliant idea.

Personally I’m stuck in a quandary. I am right in the middle of obtaining my CCNP certification and will have to stop everything I’m doing, start studying to either recert my Security+ or obtain a higher level cert; or enroll in the CompTIA CE program. Either way it virtually ruins my current training path and will cost me hundreds of dollars until my company figures out how they’re going to reimburse me.

MERRY CHRISTMAS!

 

[DoWhat]

until my company figures out how they’re going to reimburse me.

They just charge the government.

 

[BadGirl]

And just wait till you are billed over $6K for a SANS course so that you can take your certification test, and *still* potentially fail.

 

[PsyOps]

And just wait till you are billed over $6K for a SANS course so that you can take your certification test, and *still* potentially fail.

That's another subject all by itself. I'm a really poor test taker. And not one company I've worked with will foot the bill if I fail a cert test. Of course with my track record I'd probably bankrupt the company

 

[GWguy]

The company I work for covers it all, and if you flub a test, they will cover the cost for one more try, if you flub that, it's your cost.

 

[awpitt]

Where I work, we’re apparently a little behind the curve. We just found out that the DoD changed the rules for security certifications and education. Within the DoD it’s a requirement that all IT people (military, civilians, and contractors) obtain at least a Security+ certification. I got mine a little over a year ago, and got in with a lifetime cert; meaning I don’t ever have to recertify again. Folks after a certain time have to recert every 3 years.

Fine and dandy… that is until the DoD stepped in and said every cert obtained before Jan 1 2011 will expire on Dec 31 2011 and you either have to recert – and do so every 3 years thereafter – before Jan 1 2012 or enroll in the CompTIA continuing education (CE) program. This program requires you pay $50 a year, in 3 year increments, and obtain a certain amount of credits in order to remain certified.

Now, I get the DoD wants IT folks to stay proficient in knowledge of network security, but this has all the makings of someone lining their pockets and Fraud Waste and Abuse. The whole certification process – whether it be CompTIA, MS, or Cisco – is a money-making racket anyway, but now the DoD has stepped in and forced every person to fork over $$$ that otherwise wouldn’t have had to do. And the best part is, the military and civilians folks will have theirs paid for by none other than YOU, the tax payer. Contractors will demand their companies pay the bill, forcing the cost of contracts to go up.

Just when our government is trying to cut spending. This could potentially cost in the hundreds of millions of dollars, just to maintain one single level of certification. For the military and civilians most IT training is maintained through Career Based Training (CBT) at very little cost to the government, now someone came along and thought this would be a brilliant idea.

Personally I’m stuck in a quandary. I am right in the middle of obtaining my CCNP certification and will have to stop everything I’m doing, start studying to either recert my Security+ or obtain a higher level cert; or enroll in the CompTIA CE program. Either way it virtually ruins my current training path and will cost me hundreds of dollars until my company figures out how they’re going to reimburse me.

MERRY CHRISTMAS!

Thanks for the info but are you sure you're reading it right?

This says that anyone who took and passed the Security + exam prior to 12/31/2010 don't have renewal requirements.

Effective January 1, 2011, all new CompTIA A+, CompTIA Network+, CompTIA Security+ and CompTIA Advanced Security Practitioner (CASP) certifications will be valid for three years from the date the candidate is certified. The certification must be renewed within three years in order for the individual to remain certified.

These certifications can be maintained by passing the most current CompTIA exam prior to the three-year expiration date or enrolling in CompTIA's Continuing Education (CE) Program. This initiative allows participants to keep skills and certifications current through a variety of activities that show an understanding of relevant industry knowledge.

Individuals certified in CompTIA A+, CompTIA Network+ or CompTIA Security+ on or before Dec. 31, 2010, are considered certified for life. However, these certified professionals can enroll in the CE program to demonstrate to employers that their knowledge is current and relevant.

CompTIA Continuing Education Program



.

 

[CrashTest]

Thanks for the info but are you sure you're reading it right?

This says that anyone who took and passed the Security + exam prior to 12/31/2010 don't have renewal requirements.




CompTIA Continuing Education Program



.

That's CompTIA's policy. DoD decided to trump CompTIA's policy. Deal with it or pound sand (at the unemployment office).

 

[awpitt]

That's CompTIA's policy. DoD decided to trump CompTIA's policy. Deal with it or pound sand (at the unemployment office).

I read through DOD8570 (amended) and it does specify which Certs must be maintained but it also says the certs that must be maintained are done so based on the vendor's (CompTIA, Microsoft, Cisco, etc) set policies.

If someone could post a source or reference (approved for public release of course) that would be very helpful.

 

[Loper]

Thanks for the info but are you sure you're reading it right?
This says that anyone who took and passed the Security + exam prior to 12/31/2010 don't have renewal requirements.
CompTIA Continuing Education Program
.

I took the CompTIA class... my company paid for it and the first test. If you failed, you then had to pay for any other tests you took. I haven't heard anything about having to re-cert if you passed the test by 12/2010.

 

[EmptyTimCup]

That's another subject all by itself.

I'm a really poor test taker.

F M$ and there Certs, I got on the MCSE back in 1999 right before Win 2k came out .... spent $ 5000 for the courses, only to have M$ announce half way trough they were expiring the NT 4.0 Certs (the ones I had been studying) when 2000 came out


you may or may not remember the fiascio that cause ........ but @ that point I was pissed and refused to get involved in any Certs again


my 11 yrs experience should speak for itself

 

[GWguy]

F M$ and there Certs, I got on the MCSE back in 1999 right before Win 2k came out .... spent $ 5000 for the courses, only to have M$ announce half way trough they were expiring the NT 4.0 Certs (the ones I had been studying) when 2000 came out


you may or may not remember the fiascio that cause ........ but @ that point I was pissed and refused to get involved in any Certs again


my 11 yrs experience should speak for itself

We were told to get the A+ cert or risk being laid off. I the boss that I was not going to do it, that I could teach it after 30 years experience.

I'm still here. I've got hardware certs for HP, Dell, etc... but refuse to get anything else.

 

[CrashTest]

We were told to get the A+ cert or risk being laid off. I the boss that I was not going to do it, that I could teach it after 30 years experience.

I'm still here. I've got hardware certs for HP, Dell, etc... but refuse to get anything else.

You might not get laid off, and at your age, you probably won't be working much longer, but good luck trying to get an IT job nowadays as a LACK-O-CERT.

Most certs are BS in terms of your real world knowledge, but HR people don't see it that way. HR people don't live in a real world. When an HR person see a LACK-O-CERT resume, it ends up in the circular file cabinet before a technical manager ever sees it.

 

[GWguy]

You might not get laid off, and at your age, you probably won't be working much longer, but good luck trying to get an IT job nowadays as a LACK-O-CERT.

Most certs are BS in terms of your real world knowledge, but HR people don't see it that way. HR people don't live in a real world. When an HR person see a LACK-O-CERT resume, it ends up in the circular file cabinet before a technical manager ever sees it.

That's why I can be so 'eh' about it. I'm ready to retire, have no intention of ever having to go thru another hiring process again. Just waiting for that opportune moment to walk out the door and not look back.

I do understand and feel for my peers who are just starting out in this profession. It's a royal pain.

 

[desertrat]

We were told to get the A+ cert or risk being laid off. I the boss that I was not going to do it, that I could teach it after 30 years experience.

I'm still here. I've got hardware certs for HP, Dell, etc... but refuse to get anything else.

Not IT, but I am not doing any more of the "required" training. Security, ethics, etc. I will do any stuff needed for NMCI access. Other than that. Uhuh. I can retire any time so all I need is a big push in the "sit back and take it easy" role.

 

[John Z]

The IAWF requirements are a pain to manage, especially for a system/lab manager like me. In a few weeks, I face pulling the SysAdmin appointments for at least a few people who work on my team.

Did you know that the fine print for SysAdmin also requires IT-1 designation, which in turn requires an SSBI be favorably adjudicated? We're all ignoring that one where I work....

 

[Loper]

F M$ and there Certs, I got on the MCSE back in 1999 right before Win 2k came out .... spent $ 5000 for the courses, only to have M$ announce half way trough they were expiring the NT 4.0 Certs (the ones I had been studying) when 2000 came out


you may or may not remember the fiascio that cause ........ but @ that point I was pissed and refused to get involved in any Certs again


my 11 yrs experience should speak for itself

your situation sounds like what I went through... except I self studied and had all four core NT 4 certs and just had to take the two electives and Microsoft decided to retire them... so many people complained that they decided not to ... but I said screw it and started on my bachelor's instead.

 

[acommondisaster]

Dept of Defense Directive: DoDD 8570

My company picked up the tab for my test, but I had to self train for Sec +.

Now it looks like I need CEH or GIAC to stay current, and even the tests are very expensive. ITIL was also mandatory, but no test required unless I wanted to get the certificate.

SOMEONE somewhere at a decision making level must have been retiring from the government and getting a job at COMP TIA, because requiring the entire community; contractor, gov't employee and military adds up to a whole lot of dough; especially now that they've decided to require recertification.

NOW vendors are starting to follow suit - I just attended a class for some software we use and they announced they'll have a certification test ready for prime time soon. So I imagine that will wind up being required. I wish I could charge for the time I spend studying for all this required stuff.

 

[awpitt]

That's CompTIA's policy. DoD decided to trump CompTIA's policy. Deal with it or pound sand (at the unemployment office).

Can you find the section that says the DoD trumped CompTIA's policy? I could only find references that defer to the testing vendor's policy.

http://www.dtic.mil/whs/directives/corres/pdf/857001m.pdf


.

 

[PsyOps]

Can you find the section that says the DoD trumped CompTIA's policy? I could only find references that defer to the testing vendor's policy.

http://www.dtic.mil/whs/directives/corres/pdf/857001m.pdf.

8570.1 is very vague about it. If you go here and click on the link in item #2 it will take you to the DoD site (which requires CAC login) where you can authorize the release of your cert to the DoD. Once you do this (it takes about 5 days to update) it will show the status of your cert; which in every case has an expiration date of 31 Dec 11. If you took your test on or after 1 Jan 11 you are good for 3 years. If you took it before then it will expire on 31 Dec 11. EVen if you took it on 31 Dec 10 - which should be good for 3 years - it will show an expiration date (according to the DoD) of 31 Dec 11.

 

[awpitt]

8570.1 is very vague about it. If you go here and click on the link in item #2 it will take you to the DoD site (which requires CAC login) where you can authorize the release of your cert to the DoD. Once you do this (it takes about 5 days to update) it will show the status of your cert; which in every case has an expiration date of 31 Dec 11. If you took your test on or after 1 Jan 11 you are good for 3 years. If you took it before then it will expire on 31 Dec 11. EVen if you took it on 31 Dec 10 - which should be good for 3 years - it will show an expiration date (according to the DoD) of 31 Dec 11.

Thanks for the info.