Level 1 certification is required prior to being authorized any unsupervised privileged access. Personnel performing these functions, regardless of their occupational title (e.g., system administrator, help desk technician, information system technician, etc,) shall be identified as part of the IA workforce and must comply with these requirements.
IAM Level I
IAM Level I personnel are responsible for the implementation and operation of a DoD IS or system component within their CE. Incumbents ensure that IA related IS are functional and secure within the CE.
IAT Level II
IAT Level II personnel provide network environment (NE) and advanced level Computing Environment (CE) support. They pay special attention to intrusion detection, finding and fixing unprotected vulnerabilities, and ensuring that remote access points are well secured.
IAM Level II
IAM Level II personnel are responsible for the IA program of an Information System (IS) within the Network Environment (NE). Incumbents in these positions perform a variety of security related tasks, including the development and implementation of system information security standards and procedures. They ensure that the IS are functional and secure within the NE.
IAT Level III
IAT Level III personnel focus on the enclave environment and support, monitor, test, and troubleshoot hardware and software IA problems pertaining to the CE, NE, and enclave environments. An enclave is any secured, self-contained computational system within a system of local area networks.
IAM Level III
IAM Level III personnel are responsible for ensuring that all enclave IS are functional and secure. They determine the enclaves’ long term IA systems needs and acquisition requirements to accomplish operational objectives. They also develop and implement information security standards and procedures.