Federal Register: October 3, 2007 (Volume 72, Number 191)

DOCID: fr03oc07-79 FR Doc E7-19566

DEPARTMENT OF HOMELAND SECURITY

Homeland Security Department

Docket ID: [Docket No. DHS-2007-0068]

NOTICE: NOTICES

DOCID: fr03oc07-79

ACTION: Reports and guidance documents; availability, etc.:

DOCUMENT ACTION: Notice of availability.

SUBJECT CATEGORY:

Information Technology Security Essential Body of Knowledge

DATES: Submit comments on or before December 7, 2007.

DOCUMENT SUMMARY:

This notice informs the public and interested stakeholders that the Department of Homeland Security (DHS) is making available for public review and comment ``Information Technology (IT) Security Essential Body of Knowledge (EBK): A Competency and Functional Framework for IT Security Workforce Development.'' This framework is intended to assist the public, private, and academic sectors with strategic IT security workforce development initiatives including professional development, training and education. The EBK is not an additional set of DHS guidelines, and it is not intended to represent a standard, directive, or policy by DHS. Instead, it further clarifies key IT security terms and concepts for welldefined competencies, identifies notional security roles, defines four primary functional perspectives, and establishes an IT Security Role, Competency, and Functional Matrix.

SUMMARY:

Information Technology Security Essential Body of Knowledge: A Competency and Functional Framework for IT Security Workforce Development,

SUPPLEMENTAL INFORMATION

The IT security workforce must be prepared to meet the challenges that exist today and in the future. IT security is a strategic aspect of an organization's business or mission and as a strategic priority, it has the potential of enhancing productivity and improving the way an organization functions. As the IT security profession matures, it requires qualified professionals with the competencies to support increasingly sophisticated demands. In response to this challenge, the DHSNCSD worked with higher education, government and private sector experts to develop an umbrella framework that establishes a national baseline representing the essential knowledge and skills that IT security practitioners must have to perform.

The DHS National Cyber Security Division (NCSD) developed the IT Security EBK as a competencybased framework that links competencies and functional perspectives to IT security roles fulfilled by personnel in the public and private sectors. Potential benefits of the IT Security EBK for both professional development and workforce management initiatives include:

  • Articulating the functions that professionals within the IT security workforce perform, in a contextneutral format and language;
  • Promoting uniform competency guidelines to increase the overall efficiency of IT security rolebased training; and
  • Providing a content guideline that can be leveraged to facilitate costeffective professional development of the IT workforce, including future training and education, academic curricula, or affiliated human resource activities.

    The IT Security EBK builds directly upon the work of established bodies of knowledge; it is not an additional set of guidelines, and it is not intended to represent a standard, directive or policy by DHS. Instead, it further clarifies key
    [[Page 56370]]
    IT security terms and concepts for welldefined competencies, identifies notional security roles, defines four primary functional perspectives, and establishes an IT Security Role, Competency and Functional Matrix to help advance the IT security training and certification landscape as we strive to ensure that we have the most qualified and appropriately trained IT security workforce possible.

    Dated: September 26, 2007.
    Greg Garcia,
    Assistant Secretary for Cybersecurity and Communications.
    [FR Doc. E719566 Filed 10207; 8:45 am]
    BILLING CODE 441010P

    FOR FURTHER INFORMATION CONTACT

    Brenda Oldfield, Director for Education, Training and Workforce Development, National Cyber Security Division, Department of Homeland Security, EMail:
    ITSecurityEBK@dhs.gov
    .