Department of Defense Information Technology Security Certification and Accreditation Process

Department of Defense Information Technology Security Certification and Accreditation Process

The Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) is a process defined by the United States Department of Defense (DoD) for managing risk. DIACAP replaced the former process, known as DITSCAP (Department of Defense Information Technology Security Certification and Accreditation Process), in 2006.

DoD Instruction (DoDI) 8510.01 establishes a standard DoD-wide process with a set of activities, general tasks and a management structure to certify and accredit an Automated Information System (AIS) that will maintain the Information Assurance (IA) posture of the Defense Information Infrastructure (DII) throughout the system's life cycle.

DIACAP applies to the acquisition, operation and sustainment of any DoD system that collects, stores, transmits, or processes unclassified or classified information since December 1997. It identifies four phases:

  1. System Definition
  2. Verification
  3. Validation
  4. Re-Accreditation

DIACAP also uses weighted metrics to describe risks and their mitigation.

The DIACAP processes was refined by the publication of the DIACAP Application Manual. A similar methodology, NIACAP, is used for the certification and accreditation (C&A) of national security systems outside of the DoD.

References

Cancelled Reference



Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Look at other dictionaries:

  • System Security Authorization Agreement — A System Security Authorization Agreement (SSAA), is an information security document used in the United States Department of Defense (DoD) to describe and accredit networks and systems. The SSAA is part of the Department of Defense Information… …   Wikipedia

  • Department of Defense Cyber Crime Center — Defense Cyber Crime Center Seal Agency overview Formed 1998 Headquarters Linthicum, Maryland Parent …   Wikipedia

  • United States Department of Defense — Department of Defense Department overview Formed August 10, 1949 (1949 08 10) …   Wikipedia

  • Information security professionalism — is the set of knowledge that people working in Information security and similar fields (Information Assurance and Computer security) should have and eventually demonstrate through certifications from well respected organizations. It also… …   Wikipedia

  • Professional certification (computer technology) — Professional certifications in computer technology are non degree awards made to those who have achieved qualifications specified by a certifying authority. Depending on the particular certification, qualifications may include completing a course …   Wikipedia

  • Memphis Police Department — Abbreviation MPD Patch of the Memphis Police Department …   Wikipedia

  • Einstein (US-CERT program) — Infobox Software name = EINSTEIN caption = author = developer = US CERT released = 2004 latest release version = latest release date = latest preview version = latest preview date = operating system = platform = language = genre = network… …   Wikipedia

  • NIST Special Publication 800-53 — NIST Special Publication 800 53, Recommended Security Controls for Federal Information Systems and Organizations, and catalogs security controls for all U.S. federal information systems except those related to national security. It is published… …   Wikipedia

  • Common Criteria — The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1.[1] Common Criteria is a… …   Wikipedia

  • Lebanon — This article is about the country. For other uses of terms redirecting here, see Lebanon (disambiguation) and Liban (disambiguation). Republic of Lebanon اَلْجُمْهُورِيَّة اَللُّبْنَانِيَّة al Jumhūrīyah al Lubnānīyah République libanaise …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”