As it relates to the process of managing 8570 or 8140, document organization is only one piece of the certification management puzzle. When you really explore the root capabilities of SharePoint, it is a check-in, check-out system, with the ability to be expanded through custom development within certain limits.
While SharePoint is great at storing all of your individual certifications in one place. The high-value work to manage 8570 and 8140 compliance would all be significant custom development components or have to happen outside of SharePoint.
Examples of functions outside of SharePoint functionality that would be needed:
- Classifying all individuals into various 8570/8140 defined roles For 8140, this will define the knowledge, skills, and abilities or tasks.
- Assigning specific or possible paths certification and training requirements to those individuals based on the 8570/8140 roles.
- Handling any changes to a users roles and assigning new training and certification requirements per the new role
- Automated notifications to individuals of upcoming certification expirations and custom escalations of unmet upcoming certification requirements.
- Automated integrations to Learning Mgmt systems or other HR systems to capture key pieces of data, versioning, audit trails, staff training, and attestations
- Reporting at every level of the organization for individuals, group managers, and organization leaders.
The features above and many more come standard in CyberSTAR. So, while SharePoint can indeed be effective as a central repository for your compliance artifacts and also as a tool for dissemination and collaboration, it can’t help speed up your workflow or create efficiencies. If anything, the hefty setup and maintenance requirements risk adding more work to your compliance team’s already lengthy to-do list.
WillCo Tech’s CyberSTAR™ software is a proprietary platform that sets the standard for cybersecurity compliance, readiness, and posture. It is the only DoDD 8140-compliant platform contracted for use within the Department of Defense. WillCo Tech is the sole source provider of a white-labeled version of CyberSTAR (ACTCS) to the U.S. Army. The platform manages and tracks compliance for over 1 million active users every month.
Highly customizable, CyberSTAR integrates with training providers, commercial training vendors, and IT training libraries. Through the CyberSTAR platform users are able to access cyber training courses from several trusted providers including, Ec-Council, Joint Knowledge Online, DHS, or any other custom training solution or document signing/acknowledgment toolset. The system also provides integration to all of the major certification providers like SANS, CompTIA, etc CyberSTAR delivers out-of-the-box compliance mapping to DoDD 8570, NICE/NIST, and is the only tool available with mapping to the forthcoming DoDD 8140 standard.
How It Works:
Agencies can identify their cyber workforce in multiple ways. Some of our clients integrate the tool into an Active Directory group structure which has roles identified. Other clients use our online assessment tool which is designed to map individuals to their proper category and level. A profile is given to each system user.
CyberSTAR delivers out-of-the-box compliance mapping to DoDD 8570, NICE/NIST, and is the only tool available with mapping to the forthcoming DoDD 8140 standard. The system auto-generates a training plan with the relevant courses needed for workforce compliance. Courses from DoD entities or commercial training vendors are integrated into the CyberSTAR system or can be chosen from one of CyberSTAR’s integrated training providers.
Certification exam vouchers can be imported, distributed, and managed. E-vouchers are assigned to users that are ready to take the exam. A voucher distribution system manages the process using a voucher-on-demand model. The system also provides integration to major certification providers like SANS, CompTIA, etc. This feature will certify when a resource has passed a certification exam and will update its profile accordingly.
Report / Comply
Multiple reports can be generated at every level of the system hierarchy. Compliance data can be retrieved, and reports generated at any time. Compliance parameters can be set per group, and results placed in the proper database.
Click below to request a demo to learn more about how CyberSTAR can augment or replace your current SharePoint solution, or download our new white paper and learn how a cyber workforce management system can help ease the transition to DoDD 8140.02 (DCWF).