Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…
DOD Information Technology Security Certification and Accreditation Process (DITSAP) is an information and communications systems standardization and accreditation process used by the Department of Defense (DoD) USA.
It was the first ever accreditation and certification standard used by DoD. It was developed in 1992 and was superseded by DoD Information Assurance Certification and Accreditation Process (DIACAP).
DITSAP was primarily created to form a standardized process for evaluating, certifying and assuring the security of strategic, tactical and stand-alone information systems and networks. DITSAP utilizes a set of structured and standardized methods and activities to verify, validate, implement and maintain security within the defense information infrastructure (DII). The DITSAP accreditation is a four phase process and includes:
Phase 1 – Definition: Focuses on understanding the underlying environment and architecture. It evaluates the requirements and support required to accomplish the accreditation
Phase 2 – Verification: Verifies the new or existing system’s capabilities and compliance with documented security requirements
Phase 3 – Validation: Ensures that the system operates in a controlled and risk free environment and is in compliance with the security requirements. This also concludes the accreditation process
Phase 4 – Post Accreditation: Maintain the system within an ideal state and perform operations necessary to keep the system accredited
Techopedia’s editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.
What is Information Rights Management? Information Rights Management (IRM) is a type of digital rights management (DRM) that is specifically...
Maria WebbTechnology journalist
What Does VAPT Mean?Vulnerability Assessment and Penetration Testing (VAPT) is a market segment in information technology (IT) that combines two...
Margaret RouseTechnology Expert
What Does Data Brokering Mean?Data brokering refers to the practice of obtaining information on users, aggregating it, and enhancing it...
Trending NewsLatest GuidesReviewsTerm of the Day