FAA to boost work force training
- By Paula Shaki Trimble
- Aug 21, 2000
The Federal Aviation Administration has tapped a vendor to develop a certification
program for FAA information systems security workers.
The FAA announced plans Aug. 11 to make a sole-source award to the International
Information Systems Security Certification Consortium Inc. (ISC2), a nonprofit
corporation that develops certification programs for information systems
ISC2 is expected to conduct six classes of 35 to 40 employees each beginning
Sept. 16. The company will certify information systems security professionals
in support of the FAA's Information Systems Security training initiative.
The FAA created its Information Systems Security program in response
to the Computer Security Act of 1987. The act requires that agencies train
federal employees and supporting contractors prior to giving them access
to a computer system.
In May, the FAA created the Office of Information Systems Security under
the authority of Raymond Long, formerly the FAA's Year 2000 program leader,
to coordinate the agency's information security activities at all air traffic
Long has said that the key to a successful program lies in building
an awareness of security issues within the work force. The General Accounting
Office in December 1999 reported that the FAA's insufficient management
support, insufficient user training and inadequate policy enforcement contributed
to its failure to comply with internal personnel security policies during
the Year 2000 remediation effort.
ISC2 will be responsible for training and certifying FAA information
systems security workers in Washington, D.C., Oklahoma City and other locations.