The Office of Personnel Management laid out new requirements for agencies to comply with the Federal Cybersecurity Workforce Assessment Act.
The law, which was packaged in December's budget bill, calls on OPM to help agencies identify IT and cybersecurity positions throughout the federal government, classifying them to keep better track of vacancies and required certifications for those employees.
In an Aug. 1 memo from Associate Director for Employee Services Mark Reinhold, OPM lays out a timeline for agencies to implement the law's requirements.
"Because it is important for us to collaborate to find the best ways to implement the Act, we are coordinating with Government-wide Councils and [National Initiative for Cybersecurity Education] networks to garner their insights about how agencies could leverage best practices for implementing requirements within the law as some requirements, such as the assessment of certifications, are new," the memo said.
- Agencies have to have a baseline assessment of their cyber positions by December, including who holds the appropriate certifications and mitigation strategies for staff training gaps.
- By January, OPM and NICE will collaborate on revising the coding structure for cybersecurity data standards in the Enterprise Human Resources Integration system to incorporate it with the NICE Workforce Framework. OPM will begin phasing in the revised code into agency application in October 2016.
- By December 2017, agencies should complete the revised code for Information Technology, Cybersecurity, and Cyber-related civilian positions and vacancies.
- From December 2018 to 2022, agencies will be annually identifying critical needs in Information Technology, Cybersecurity, and Cyber-related fields and report them to OPM. The office will then collaborate with NICE and federal agencies to define the roles that are of critical need.
The moves continue the federal government's initiative to close cyber skills gaps in the civil service. OPM said that agencies can find guidance its MAX page or contact Shanaz Porter at Shanaz.Porter@opm.gov or (202) 606-1005 for any questions.