WASHINGTON (08/21/2000) - The U.S. Federal Aviation Administration has tapped a vendor to develop a certification program for FAA information systems security workers.
The FAA announced plans Aug. 11 to make a sole-source award to the International Information Systems Security Certification Consortium Inc.
(ISC2), a nonprofit corporation that develops certification programs for information systems security practitioners.
ISC2 is expected to conduct six classes of 35 to 40 employees each beginning Sept. 16. The company will certify information systems security professionals in support of the FAA's Information Systems Security training initiative.
The FAA created its Information Systems Security program in response to the Computer Security Act of 1987. The act requires that agencies train federal employees and supporting contractors prior to giving them access to a computer system.
In May, the FAA created the Office of Information Systems Security under the authority of Raymond Long, formerly the FAA's Year 2000 program leader, to coordinate the agency's information security activities at all air traffic facilities.
Long has said that the key to a successful program lies in building an awareness of security issues within the work force. The General Accounting Office in December 1999 reported that the FAA's insufficient management support, insufficient user training and inadequate policy enforcement contributed to its failure to comply with internal personnel security policies during the Year 2000 remediation effort.
ISC2 will be responsible for training and certifying FAA information systems security workers in Washington, D.C., Oklahoma City and other locations.