*Read our disclaimer
Disclaimer
Each certification is mapped to the National Cybersecurity Workforce Framework (NCWF). The Framework organizes cybersecurity into seven high-level Categories, each comprised of several specialty areas, work roles, knowledge, skills, abilities, and tasks. These seven high-level Categories are aligned directly to the CCE® Program’s certification Concentration Areas. Candidates often prepare for an exam by using a variety of resources that familiarize them with the authoritative sources and the exam’s concentration area.
Third-party products and services, including course instructors have helped many candidates to close knowledge and skill gaps. Lunarline does not endorse any particular provider and encourages candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and the exam’s concentration area.
Certification Description
Authoritative Sources
- NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
- NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations
- NIST SP 800-53A Revision 4 – Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans
Requirements
Candidates must possess at least 3 years of experience in information security Assessments and Authorization (A&A) in order to obtain the expert level credential. The associate level credential will be awarded to those who pass the exam, but do not have the required experience. The credential can be elevated to expert level upon attaining the required experience. Simply email [email protected] to start the experience verification process.
Mapping to the NICE Framework
NICE Work Role Name:
Security Control Assessor
NICE Framework Category
CCE® Concentration Area:
Securely Provision (SP)
NICE Specialty Area:
Risk Management (RSK)
NICE Work Role ID:
SP-RSK-002
OPM Code | DCWF Code:
612
NICE Work Role Description:
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
Lunarline Training Courses:
*Read our disclaimer
Disclaimer
Independence: The Lunarline SCS Training Program and Certification Program are independent from one another. Although they may target the same NICE category, specialty area, work role, and/or authoritative sources, certification exams are not based on any SCS training. Taking SCS training is NOT required and Lunarline does not guarantee that an individual will pass nor have any advantage based on participation with SCS training. The following training offerings are intended to show linkage only to the same NICE category, and not linkage to the certification or exam content.
Continuing Education: The Lunarline SCS Training Program and other third-party vendors offer activities, products and services across the country that qualify as Professional Development Credits (PDCs) that target the same NICE category, specialty area, work role, and/or authoritative sources as our certifications. We encourage candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and reflect their learning styles and needs.
- Common Controls Provider (SP062-WBT)
- Information Security and Information Technology Auditing (OV131)
- Information Security Risk Assessments (SP130)
- IT Program Auditor (OV208-RBT)
- RMF for DoD and Intelligence Communities Information Technology (IT) In-Depth 3-Day Course
- RMF for DoD and Intelligence Communities Information Technology (IT) – Intensive 4-Day Course
- Risk Management Framework for Federal Systems In-Depth 3-Day Course
- Risk Management Framework for Federal Systems Intensive 4-Day Course
- RMF Rev5 Process Change - WBT (SP001-WBT)
- Security Control Assessor (SP201-RBT)
- System Compliance Assessment Methodology for NIST 800-53 App J (SP068-WBT)
NICE Work Role Name:
IT Program Auditor
NICE Framework Category
CCE® Concentration Area:
Oversee and Govern (OV)
NICE Specialty Area:
Program/Project Management (PMA) and Acquisition
NICE Work Role ID:
OV-PMA-005
OPM Code | DCWF Code:
805
NICE Work Role Description:
Conducts evaluations of an IT program or its individual components to determine compliance with published standards.
Lunarline Training Courses:
*Read our disclaimer
Disclaimer
Independence: The Lunarline SCS Training Program and Certification Program are independent from one another. Although they may target the same NICE category, specialty area, work role, and/or authoritative sources, certification exams are not based on any SCS training. Taking SCS training is NOT required and Lunarline does not guarantee that an individual will pass nor have any advantage based on participation with SCS training. The following training offerings are intended to show linkage only to the same NICE category, and not linkage to the certification or exam content.
Continuing Education: The Lunarline SCS Training Program and other third-party vendors offer activities, products and services across the country that qualify as Professional Development Credits (PDCs) that target the same NICE category, specialty area, work role, and/or authoritative sources as our certifications. We encourage candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and reflect their learning styles and needs.
- Information Security and Information Technology Auditing (OV131)
- IT Program Auditor (OV208-RBT)