8140 FAQ

Click the bar for each question to toggle to the response.

Who is supported by 8140?

DoD 8140 serves the broader DoD cyber workforce, DoD Components carrying out cyber missions and all DoD cyber positions required to perform cyber work. DoD 8140 supports military service member, DoD civilians, and contractor employees performing cyber work within the scope of their assigned cyber element (IT, cyber enablers, cyber effects, cyber (intel), or cybersecurity). DoD 8140 will be updated to address other relevant functional communities.

What is DoD Directive 8140?

The DoD Directive (DoDD) 8140.01 was initially signed August 11, 2015, change 1 was released on July 31, 2017, and was rereleased on August 5, 2020. The Directive unifies the overall cyber workforce and establishes specific workforce elements (e.g., information technology (IT), cybersecurity, cyber effects, cyber (intel), and cyber enablers) to align, manage and standardize cyber work roles, baseline qualifications, and training requirements. It establishes the DoD Cyberspace Workforce Framework (DCWF) as the authoritative reference for the identification, tracking, and reporting of DoD cyberspace positions and foundation for developing enterprise baseline cyberspace workforce qualifications. The Directive also establishes the Cyber Workforce Management Board with representation from the Offices of the DoD CIO, Under Secretary of Defense for Acquisition and Sustainment (A&S), Under Secretary of Defense for Research and Engineering (R&E), Under Secretary of Defense for Personnel and Readiness (USD(P&R)), Under Secretary of Defense for Intelligence & Security (USD(I&S)), the Director, National Security Agency/Chief, Central Security Service (DIRNSA/CCSS), Under Secretary of Defense for Policy (USD(P)), the Chairman of the Joint Chiefs of Staff, and other DoD Components.

Does the DoDD 8140.01 address operational employment of work roles?

The DoDD 8140.01 does NOT address operational employment of the work roles. Operational employment of the DoD cyber workforce is determined by the Joint Staff, Combatant Commands, and other DoD Components to address mission requirements.

Where can I find DoD implementation resources for 8140?

DoD 8140 Implementation resources can be found here: https://www.dodemergingtech.com/

Where can I find a copy of the DoD 8140 issuances?

Copies of the DoD 8140 issuances can be found on Cyber Exchange here: https://www.dodemergingtech.com/dod-workforce-innovation-directorate/documents-library/

Where can I find a list of DoD 8140 foundational qualification options?

Your Content Goes Here

Where can I find the 2023 DCWF Coding and Identification Guide?

XXXXX

Where can I find a link to the DoD Cyber Workforce Framework?

XXXX

Do the DoD 8140 qualfication requirements replace DoD Component requirements?

No. DoD 8140 does not replace or infringe on any DoD Component responsibilities, functions or authorities. Organizations are still required to comply with relevant DoD Component, command, or community specific requirements.

DoD Components may require personnel performing cyber job functions to complete specific certifications or training in addition to those identified in the DoD 8140 Manual. Confirm with your direct supervisor or your Cyber Workforce Advisory Group representative that you are categorized and qualified at the right level and meet the appropriate DoD Component-specific requirements.

Do the National Unions support these requirements?

Yes. As part of the DoD’s formal staffing process, USD(P&R) conducted a “National consultation rights” (NCR) review during which the unions had an opportunity to comment on the DoD 8140 Manual. The national unions concurred without comment.

What roles do the National Unions play in the DoD 8140 policy series?

National consultation rights (NCR) do not absolve the unions from fulfilling their local bargaining obligations as appropriate prior to implementation of DoD policy.

They can participate in plans for meeting the DoDM 8140.03 requirements for the DoD civilian cyber workforce.
For example:

Who needs to be qualified is non-negotiable.
Order/priority to qualify the local cyber workforce may be negotiated.
The number of retests the organization will fund may be negotiated.

What are the four recognized cyber occupations under DoD 8140?

The recognized cyber occupations under DoD 8140 are 2210 Information Technology Management, 1550 Computer Science, 0332 Computer Operations, and 0335 Computer Clerk and Assistant.

Positions aligned to these occupations must be coded in accordance with DoD 8140 requirements.

Is my DoD Component required to code all of our cyber positions?

Yes, all cyber positions must be coded. Any DoD civilian position with a designated cyber occupational series is expected to have a designated cyber work role. Exemptions must have documented justification for non-cyber coding. DoD Components should review all positions to decide whether they require the performance of cyber work.

Do personnel assigned to a coded DCWF work role have a timeline to get qualified?

Yes. DoD civilian employees and military service members must achieve 1) foundational qualification requirements within nine months of assignment to a cyber work role and 2) resident qualification requirements within 12 months of assignment to a cyber work role. Foundational and residential qualification requirement timelines are concurrent.

The contracting officer of each organization should ensure that contract support personnel are appropriately qualified.

DoD Components should not pay for contractors to obtain/retain required certifications. However, DoD Components may provide additional training on local or DoD specific system procedures.

How can I identify who is in the cyber workforce?

Human resources and functional community managers should first review position requirements and apply work role codes as appropriate to military and civilian billets in authoritative manpower systems. The DCWF Workforce Coding and Identification Guide, found on Cyber Exchange, includes further information on military and civilian occupational series that are often engaged in cyber work and have additional requirements for coding. Periodic reviews of position requirements and subsequent updates to work role coding should be completed to account for newly added positions, to reflect any changes to the position duties and incorporate any updates made to the DCWF.

Once DCWF work role coding has been completed in the manpower system, human resources and functional community managers must ensure those work roles are applied to the corresponding personnel records within authoritative personnel system of record. Once this activity is completed, system managers will be able to extract reports of all positions and personnel engaged in cyber activities.

Do training requirements for DoD Cyber Operations Forces also meet 8140.03?

Yes, training that meets the requirements of the DoD Cyber Operations Forces satisfies the requirements of the DoDM 8140.03.

How do personnel get qualified?

Personnel assigned to a position that is coded with a DCWF work role must meet the foundational, residential, and continuous professional development qualification requirements outlined for each work role at the assigned proficiency level(s).

Who is responsible for ensuring compliance with 8140 qualifications?

It is the DoD Component’s responsibility to ensure compliance with these areas in accordance with DoD 8140.

I am new to the cyber workforce. How long do I have to become qualified?

Within two years of the effective date of DoDM 8140.03, published on February 15, 2023, all DoD civilians and military service members in cyber work roles under the cybersecurity workforce element must be qualified. Within three years of the effective date of DoDM 8140.03 (15 February 2026), all DoD civilians and military service members in work roles under the cybers IT, cyber effects, intelligence (cyber) and cyber enabler workforce elements must be qualified. Thereafter, all incumbents and new hires must be trained, qualified in accordance with DoDM 8140.03.

Can OSD, DoD components use waivers for the 8140 Workforce Qualification Program?

OSD and DoD Component heads, or a delegated authority, may waive the qualification requirements for DoD civilian employees and military service members only under severe operational or personnel constraints. Waivers may not exceed six months, except in an emergency situation during a deployment to a combat environment. Consecutive waivers for DoD civilian employees and military service members are not authorized.

For government contracting standards, is there a DFARS section I can refer to?

Government contracting representatives can refer to the DFARS Subpart 239.71 for qualification standards.

The Federal Government is actively working on updates to the DFARS. As soon as the full timeline for updates are understood, DoD CIO will provide additional guidance regarding contractor timelines.

If I need more information, who can I talk to?

For more information about the Cyber Workforce Qualification Program, contact the DoD CIO Workforce Innovation Directorate at: osd.mc-alex.dod-cio.mbx.cyberspace-workforce-tag@mail.mil

How do I submit new ideas or suggestions for inclusion into DoD 8140?

Each major DoD Component is represented by at least one voting member at the Cyber Workforce Advisory Group (CWAG). Each CWAG representative has the role of gathering input from their DoD Component’s cyber workforce to submit to the CWAG. Contact your DoD Component’s Office of Primary Responsibility (OPR) point of contact to provide direct feedback.