OPM has reminded agencies of the required next step, and of steps to follow that, under the 2015 Federal Cybersecurity Workforce Assessment Act.
That law requires the government to implement the National Initiative for Cybersecurity Education coding structure and to identify all civilian positions performing information technology, cybersecurity, or other cyber-related functions. That coding should be completed by April, a memo said.
“After the completion of the position coding, agencies are required to identify information technology, cybersecurity, and other cyber-related work roles of critical need among their civilian workforce. Once the work roles of critical need are identified, agencies must submit a report to OPM indicating the roles and substantiating the designation of critical need. This will be due in April 2019 and annually thereafter. OPM is currently developing guidance for agencies to use in determining work roles of critical need and reporting this information,” it said.
In April 2019 and beyond, it added, agencies will need to develop and implement plans to address their cyber work roles of critical need, “including how they will mitigate skill gaps.”