The advancement of technology in the last few decades has resulted in a rapid increase in computing and cybersecurity programs. As an organization dedicated to quality assurance in STEM education, ABET accreditation criteria has evolved and expanded to provide confidence that these programs meet the quality standards that produce graduates prepared to enter a global workforce.
The Computing Accreditation Commission of ABET is responsible for accreditation activities in all disciplines involved in the development and use of technology related to computers, including cybersecurity. All members of the computing community have the opportunity to influence cybersecurity accreditation criteria by providing feedback on the proposed program criteria while it is still open for public review and comment.
For those who’d like to participate in this process, this article provides background on accreditation, ABET’s role as a leader in accreditation of STEM programs and ABET’s proposed criteria for associate degrees in cybersecurity.
What Is Accreditation?
Accreditation is a review process to determine if educational programs meet defined standards of quality. Once achieved, accreditation is renewed periodically to ensure the quality of the educational program is maintained.
In the United States, accreditation is voluntary, decentralized and carried out by many non-governmental, non-profit organizations. The process of accreditation typically culminates in an external quality review by a team of professional experts from academia or industry. These experts volunteer their time, professional knowledge and experience to this process of quality assurance and ongoing improvement to education in their disciplines.
A History of Setting Standards
At ABET, the organization’s 36 professional societies are the primary source of the expert volunteers, or Program Evaluators (PEVs), who conduct the important work of accreditation. They also serve on ABET’s four accreditation commissions, which are responsible for writing the criteria and making the final accreditation decision for each program.
ABET accreditation is an 18-month process and the criteria are based on student outcomes — what graduates are expected to be able to do, not just what subjects they are taught. Each commission has its own eight accreditation criteria structured into two parts: General Criteria, which apply to all programs under the commission’s purview, and Program Criteria, which add discipline-specific requirements to the criteria for Student Outcomes and Curriculum. The proposed Associate Cybersecurity Program Criteria has an important exception to this structure: the Student Outcomes program criterion and the Curriculum program criterion replace (not extend) the corresponding criterion stated in the General Criteria.
In response to the anticipated boom in computing education, the Association for Computing Machinery (ACM) and the Institute of Electrical and Electronics Engineers Computer Society (IEEE-CS) worked together to create the Computing Sciences Accreditation Board (now called CSAB) in 1984. CSAB is currently the lead ABET society for computer science, cybersecurity, information systems, information technology and software engineering and the co-lead society for cybersecurity engineering and systems engineering.
Today, ABET accredits more than 4,100 college and university programs at over 800 institutions in 32 countries. Of those, 548 are computing programs at 404 institutions in 21 countries outside the United States. Over 100,000 students graduate from ABET-accredited programs each year, and millions of graduates have received degrees from ABET-accredited programs since the organization’s founding in 1932.
Criteria for Cybersecurity Programs
In 2016, ABET member societies began establishing program criteria for the increasingly important field of cybersecurity. IEEE established a committee to create ABET program criteria for cybersecurity engineering programs. CSAB also established a committee to create ABET program criteria for cybersecurity computing programs.
ABET approved its program-specific criteria for cybersecurity in 2018 and accredited programs at the U.S. Air Force Academy, U.S. Naval Academy, Towson University and Southeast Missouri State University.
How Can You Get Involved?
On July 20, 2019, ABET approved the release of Associate Cybersecurity Program Criteria for public review and comment, giving key stakeholders the opportunity to provide feedback to help improve the criteria. The proposed criteria are based directly on early drafts of the 2020 Cybersecurity Curricular Guidance for Associate-Degree Programs (Cyber2Yr2020). By establishing cybersecurity criteria at the two- and four-year levels, ABET has helped define what an accredited program in this relatively new academic area should look like. The criteria guide institutions in defining their cybersecurity programs, while helping industry know that the program meets a certain set of standards that produces graduates equipped to enter the workforce.
By providing feedback on the criteria currently open for public review and comment, industry professionals can ensure the graduates they hire have certain skill sets, while those in academia help ensure the feasibility of attaining accreditation for their programs. External feedback also assists in guaranteeing the proposed changes, revisions and criteria are as clear, effective and inclusive as possible. [When reviewing the proposed Cybersecurity Program Criteria 3 (Student Outcomes) and 5 (Curriculum), note that they completely replace the General Criteria 3 and 5 of the General Computing Criteria.]
Please consider providing your feedback to the proposed changes — the criteria is now open for public review and comment, and we will accept feedback until June 15, 2020.