The Department of Defense Directive 8570.1 has made it mandatory for all military personnel, full-time, part time, contractors, or foreign employees with privileged access to DoD information system, to obtain a commercial information system security credential accredited by ANSI or equivalent authorized body under ISO/IEC Standard 17024:2003. The directive also requires the employees to upgrade or maintain their professional certification every year.

Certified Information Systems Security Professional (CISSP) is the choice for information assurance managers who are required by the mandate to receive a more comprehensive certification than technical personnel. CISSP meets the requirements needed for managers categorized as T3, M1, M2, or M3.

The complete text of Dod 8570.1 is available here for download.