8140.03 Implementation

Published under the authority of DoDD 8140.01, DoDM 8140.03 is the implementation manual for the DoD Cyberspace Workforce Qualification and Management Program. It replaced the former DoD 8570.01-M and establishes qualification requirements across all five cyberspace workforce elements — designed to “enhance cyberspace mission readiness across the DoD” (DoDM 8140.03, §3.2). View all policy documents

Who & how
Timeline & Requirements
Manual Overview

Who and How Does the 8140.03 Manual Apply?

Which Federal or DoD organizations does this manual apply to?

All DoD components, branches and agencies.

Which individuals from these organizations does this manual apply to?

Workforce Element categories and Work Role examples include:


Cyber IT

Technical Support Specialist
Database Administrator
Knowledge Manager
Network Operations Specialist
Systems Administrator
Systems Developer


Cybersecurity

Cyber Defense Analyst
Vulnerability Assessment Analyst
AO/Designating Representative
Security Control Assessor
IS Security Developer
Security Analyst


Software Engineering

Software Developer
Software/Cloud Architect
Systems Security Analyst
DevSecOps Specialist
Product Designer UI


AI/Data

AI Innovation Leader
AI Risk & Ethics Specialist
AL/ML Specialist
Data Officer
Data Steward
Data Architect


Cyber Effects

Mission Assessment Specialist
Exploitation Analyst
Target Developer
Target Network Analyst
Warning Analyst
Cyber Operator


Cyber Intelligence

Multi-Disciplined Language Analyst
All-Source Analyst
All-Source Collection Manager
All-Source Collection Requirements Manager
Cyber Intelligence Planner

Cyber Enablers

Cyber Policy and Strategy Planner
Executive Cyber Leader
Privacy Compliance Manager
Cyber Legal Advisor
Cyber Training and Education
Cyber Crime Investigator

8140.03 Timeline & Reporting Requirements

FEBRUARY 15, 2023

The manual was published establishing these guidelines.

Published by the DoD CIO, 8140.03 was created as the manual for implementation of the Defense Cyber Workforce Framework. 8140.03 is an updated version of 8140.01. The Cyber Workforce Management Board and broad cyber workforce policy is established in 8140.01.

FEBRUARY 15, 2024

All applicable roles should be coded for individuals in the applicable organizations and workforce elements.

As a supplement to 8140.03, DoDI 8140.02 outlines the roles and workforce elements included in 8140.03.

FEBRUARY 15, 2025

Individuals in the DCWF roles, that are categorized under the cybersecurity workforce elements, must meet 8140.03 requirements (including Foundational requirements).

This entails recording and reporting the appropriate qualifications to meet minimum requirements.

FEBRUARY 15, 2026

Foundational qualification deadline for cyber IT, cyber effects, cyber (intelligence), and cyber enablers workforce elements. Residential qualification deadline for cybersecurity workforce element. DoD Components begin reporting on all remaining workforce elements.

Three milestones converge: (1) Foundational readiness for the four remaining workforce elements, (2) On-the-job readiness (residential qualification) for cybersecurity, and (3) Reporting via DoD 8140 KPIs for all elements. (DoD 8140 Implementation Timeline)

FEBRUARY 15, 2027

Residential qualification deadline for cyber IT, cyber effects, cyber (intelligence), and cyber enablers workforce elements.

All remaining workforce elements must demonstrate on-the-job readiness. Personnel must meet both foundational and residential qualification requirements at their assigned proficiency levels. (DoD 8140 Implementation Timeline; DoDM 8140.03, §4.3)

INDIVIDUAL TIMELINES

When assigned to a cyberspace work role, personnel must achieve foundational qualification within 9 months and demonstrate on-the-job readiness (residential qualification) within 12 months.

Failure to qualify without a waiver results in removal from work role duties. (DoDM 8140.03, §4.2) Current Qualification Matrix: Version 2.1, effective September 19, 2025. View qualification tools

8140.03 Manual Overview

The Department of Defense Manual 8140.03, available in full on our Resources page, is a directive that addresses the framework for managing the DoD’s cybersecurity workforce in 5 sections:

SectionsSection Summary
Section 1Introduces the directive’s purpose, which is to enhance cybersecurity through effective workforce management.
Section 2Outlines governance and management responsibilities, including roles for the DoD Chief Information Officer, Deputy Assistant Secretary of Defense for Cyber Policy, and the Cyber Workforce Management Group
Section 3Details the necessary competencies, job roles and certifications required for cybersecurity positions within the DoD.
Section 4Focuses on workforce development, including training, career pathways and strategic planning.
Section 5Covers performance evaluation and metrics to ensure the ongoing effectiveness and improvement of the DoD’s cybersecurity workforce.
Get Qualified
DCWF.com

All Access Training

Register early for opportunities and news of the latest DCWF training & certifications.

Training & Certification