What Does DOD Information Technology Security Certification and Accreditation Process Mean?
DOD Information Technology Security Certification and Accreditation Process (DITSAP) is an information and communications systems standardization and accreditation process used by the Department of Defense (DoD) USA.
It was the first ever accreditation and certification standard used by DoD. It was developed in 1992 and was superseded by DoD Information Assurance Certification and Accreditation Process (DIACAP).
Techopedia Explains DOD Information Technology Security Certification and Accreditation Process
DITSAP was primarily created to form a standardized process for evaluating, certifying and assuring the security of strategic, tactical and stand-alone information systems and networks. DITSAP utilizes a set of structured and standardized methods and activities to verify, validate, implement and maintain security within the defense information infrastructure (DII). The DITSAP accreditation is a four phase process and includes:
Phase 1 – Definition: Focuses on understanding the underlying environment and architecture. It evaluates the requirements and support required to accomplish the accreditation
Phase 2 – Verification: Verifies the new or existing system’s capabilities and compliance with documented security requirements
Phase 3 – Validation: Ensures that the system operates in a controlled and risk free environment and is in compliance with the security requirements. This also concludes the accreditation process
Phase 4 – Post Accreditation: Maintain the system within an ideal state and perform operations necessary to keep the system accredited