Main Logo

Guest Post | DoDD 8140.03: A Step in the Right Direction

Blog Banner Department of Defense Information Technology



My brother the economist often says that government has no business “picking winners and losers.” Of course, anything our government does with our money essentially picks winners (who gets the money) and losers (who doesn’t). But the real point here is that many economists think that the government shouldn’t pick winners and losers in our capitalist marketplace. It subverts Adam Smith’s good, old “invisible hand” or something like that.

So, when the government gives massive incentives, say, to buy electric vehicles, many of The Tribe of Econ shake their heads, saying, “Foolish mortals… the market will tell.” Lions, Tigers, and Market Inefficiency, Oh Myyyy!

Adam Wilcox, respected writer and leader in IT training and development

But we can see, in many instances, why the government does choose to pick winners and losers. Maybe there is a consensus that we need to move toward electric vehicles faster than an, er, “efficient” market would otherwise. For the sake of, you know, like, the planet.

I’m not religious about any of this. Government is about taking in and spending money, and the conversation ought to be about how best to do that in each budgetary line item.

In the IT training industry, we’ve been very much at the mercy of the directives from the DoD that say which certifications are acceptable for professional development and which aren’t. To some extent, previous directives like 8570 picked certification “winners” like the Computing Technology Industry Association (CompTIA) and the International Information System Security Certification Consortium, or (ISC)2, while leaving out many other certification bodies.

And why do they need to, um, “certify” certain certifications at all? Well, there’s an argument for it… perhaps the DoD doesn’t feel it can adequately review curriculum to certify at that level, and so they accept other bodies’ official stamps—particularly standards organizations like ANSI—in lieu of having to think about this stuff themselves. This isn’t unreasonable.

But there are problems with it. First, organizations like ANSI make no judgement about the content of the certs, but rather just their form, statistical validity of their testing methods, and the certifying bodies’ ability to jump through (and afford) ANSI’s hoops.

Also, the DoD does not simply approve all certs that are ok’d by standards bodies. There is a rather opaque process for getting your certs inside the DoD fence. This process is and has always been political, having a lot to do with not what you know, but who you know.

So, the recent update to directive 8140.03 is somewhat corrective, even if it doesn’t go nearly far enough. It’s corrective in that instead of allowing only a couple of certification organizations to be in the club, it now approves certifications from other organizations like the Federal IT Security Institute (FITSI) and Mile2. More winners, fewer losers, better competition, right? One would hope so.

This has been particularly difficult for content providers over the past decade as various certification organizations have begun competing with content providers. ANSI says certifying organizations are not supposed to be in the content business, but almost all now are, and they use various anti-competitive tools to force schools and training organization to use only their content (the main tool for this being a monopoly on selling discounted exam vouchers). These bodies claim to have a “firewall” between “content” and “certification,” wink-wink, nudge-nudge. They might need a refresher on what a firewall is. ANSI has been completely silent on these practices. Why? Well, I am just a caveman, but these are ANSI’s paying customers.

From my cave, 8140.03 looks like it might be the start of something. A greater focus on roles means that the specific Knowledge, Skills, and Abilities (KSAs) for roles are what will matter going forward. That should mean—although it hasn’t yet—that broad certs about knowledge areas (rather than roles) become less important. And in the meantime, as said earlier, more certifications from more organizations means more competition. I’m all for that.

In the meantime, if you’re in the content world, placing some long bets on role-based KSAs as the main content units is probably smart. In the short term, consider some bets on content for certs that have been recently added to the 8140.03 directive. If you’re an educator, I encourage you to push back on the certification organizations that say you must use their content. Many of my customers have found that when they do, they’re allowed to use whatever content they want.

We like to believe that we have a free market, but it’s never quite free. The force toward monopoly must be constantly fought, and our country has shown little interest in enforcing antitrust laws in recent decades. But all of us, collectively, are “the market,” and we can use the leverage we do have. Consider all the options.

Newsletter Subscription

Subscribe for updates, promotions, new courses, and more.

Share this post

Know someone else who’d enjoy this post? Share it with them using the buttons below. 

Want to learn more?

Check out our other recent blog posts for more helpful IT resources.