| Skip Navigation / Home / Contacts / Site Map |
To Acquisition Training Page | To Project Officer Training Page | To ACP Home Page Many NIH users will get an error message when attempting to access FAI training. The message relates either to an out of date security certificate, or to Microsoft’s security protocols which frown on use of SSNs. If you wish to access the free training from FAI, then you need to over ride the security warning. NIH’s IT staff have confirmed that they do not object to our employees accessing the FAI site.
Many people have concerns about using their SSN and birth date to access this training over the internet. The e-mail exchange below speaks to the need for using SSN and birth date and to the security that is in place for its use.
From: Goetz, Richard L Mr CIV USA HQDA DCS G-1
Sent: Monday, September 21, 2009 9:55 AM
To: Button, Judith (HHS/ASAM)Subject: RE: COTR Training Issue (UNCLASSIFIED)
Classification: UNCLASSIFIED
Caveats: NONE
Ms. Button,
We understand your concern, but the ATRRS/FAITAS systems are secure systems which takes great measure to protect users personally identifiable information (PII). We would hope that after you read the follow-on information you will have a better understanding of how we take the utmost measures to handle PII and the use of approved secure measures.
The Army Training Requirements and Resources System (ATRRS) is fully accredited as required by the Federal Information Security Management Act. ATRRS is the Army's training management system hosted on the Pentagon unclassified backbone.
ATRRS secure sockets layer (SSL) certificates are issued using the DOD PKI infrastructure and are compliant with Federal Information Processing Standard (FIPS) Publication 140-2. ATRRS use of PII is approved and sanctioned via System of Records Notice (AO351 DAPE) http://www.defenselink.mil/privacy/notices/army/A0351_DAPE.shtml, U.S.C.301, Departmental Regulations; 10 U.S.C 3013, Secretary of the Army and 4301 E.0. 9397 (SSN) and is approved by the Army CIO demonstrated here: http://www.army.mil/ciog6/privacy/docs/ArmyTrain4.doc. All ATRRS training application systems contain a link to the Privacy Act.
To access our Internet Training Application Systems all users (Department of Defense, Industry, & Federal Government) who have not been issued a Department of Defense Common Access Card (CAC) are required to enter their SSN and DoB as part of the process when they apply for acquisition training. This information is used to verify the identity of eligible users of the system. It is also required to assure accurate credit of your coursework and to integrate course data with the appropriate systems (DAU LMS, Training Management System, and/or the Defense Civilian Personnel Data System). The SSN is used as the unique identifying number because other people may have the same name or birth date and because other identifying information, such as email address or name, may change.
If an invalid SSN is entered, no guarantee can be made that complete and accurate transcripts of training courses will be integrated with the other data systems or that the individual transcript of courses will follow that individual when a change of status, position, or agency occurs.
Failure to provide the requested information will result in one's inability to apply for training offered by the Defense Acquisition University.
Why do we need your Social Security Number? We request your Social Security Number (SSN) and Date of Birth (DoB) during the registration process only to authenticate who you are. Your information will be stored with your account when it is created, will be safeguarded and not shared with entities outside the Department of Defense, the Federal Government or the individual's organization. It is used only as a discriminator during multiple identity instances.
Is the training application system security safe? Security during registration is ensured using a 128-bit Secure Socket Layer (SSL) connection. This is the highest industry standard and establishes an encrypted session between your computer and the training application system. We use the same technology that other major companies operating on the World Wide Web (WWW) use to protect personal information and guard against identity theft. Look for the little yellow padlock at the bottom of your browser window to ensure that you have established a secure connection.
ATRRS continues to strive to provide the maximum amount of protection to its data and users as required by policy and law. We have implemented compliant authentication mechanisms and continue to work with the Designated Approving Authority (DAA), our user communities and information assurance officials in order to maintain risk at an acceptable level. Security has an impact on everybody, and we too are concerned about it. But we continue to require those users without a DOD CAC to enter their SSN. With the development of new data repositories and advancements in technology, we too look forward to the day when we will no longer require our users to enter their SSN on-line.
Dick Goetz
Army G-1, ATRRS Training Registration Systems Pentagon, 1D377
-----Original Message-----
From: Button, Judith (HHS/ASAM)
Sent: Tuesday, September 01, 2009 9:59 AM
To: DAUHelp
Cc: Brown, Mark A. (HHS/ASRT)
Subject: FW: COTR Training IssueGood Morning,
Can you provide me with any information that pertains to why SSNs and DoBs are necessary for DAU online classes? Also - if you can provide me with the OMB or OPM authority that gives DAU the permission to solicit this information. Thank you in advance for your attention in this matter.
Contact Acquisition Career Program Staff