Changes to NASA’s Requirements for Annual Cybersecurity and Sensitive Unclassified Information Awareness Training

Susan Mcclain requested that the following NASA LaRC bulletin be shared with LaRC Contractors Steering Council members.

NASA Acting Chief Information Officer Jeffry Seaton provided updated policy guidance on NASA’s Annual Cybersecurity and Sensitive Unclassified Information Awareness Training to meet the requirements of the Federal Information Security Modernization Act of 2014 (FISMA) in a memo dated September 14.

Starting in FY2021 there will be no more Center-specific training deadlines and enforcement.  Annual training deadlines will be individual, based on the last time the employee took the training, and SATERN will be updated accordingly.  The process is being automated, and automatic notifications will occur through the system. Agency IT access will be suspended if requirements are not met on schedule.

All NASA-badged employees and contractors must take one of two training courses every twelve months.

The FY2021 Agency Cybersecurity and Sensitive Unclassified Information Awareness Training course is required for employees and contractors with IT access. This training is administered and recorded via SATERN.

FY2021 Agency Non-IT Privacy, Security, and Sensitive Unclassified Information Awareness Training is required for employees and contractors with no IT access. This training is administered via standalone slides and recorded in IdMAX.

No exceptions or substitute trainings will be permitted to meet this training requirement.  FY2021 training courses will be available beginning December 2020.

This entry was posted in Announcement. Bookmark the permalink.

Comments are closed.