DOD Information Technology Security Certification and Accreditation Process

Why Trust Techopedia

What Does DOD Information Technology Security Certification and Accreditation Process Mean?

DOD Information Technology Security Certification and Accreditation Process (DITSAP) is an information and communications systems standardization and accreditation process used by the Department of Defense (DoD) USA.

Advertisements

It was the first ever accreditation and certification standard used by DoD. It was developed in 1992 and was superseded by DoD Information Assurance Certification and Accreditation Process (DIACAP).

Techopedia Explains DOD Information Technology Security Certification and Accreditation Process

DITSAP was primarily created to form a standardized process for evaluating, certifying and assuring the security of strategic, tactical and stand-alone information systems and networks. DITSAP utilizes a set of structured and standardized methods and activities to verify, validate, implement and maintain security within the defense information infrastructure (DII). The DITSAP accreditation is a four phase process and includes:

  • Phase 1 – Definition: Focuses on understanding the underlying environment and architecture. It evaluates the requirements and support required to accomplish the accreditation

  • Phase 2 – Verification: Verifies the new or existing system’s capabilities and compliance with documented security requirements

  • Phase 3 – Validation: Ensures that the system operates in a controlled and risk free environment and is in compliance with the security requirements. This also concludes the accreditation process

  • Phase 4 – Post Accreditation: Maintain the system within an ideal state and perform operations necessary to keep the system accredited

Advertisements

Related Terms

Margaret Rouse
Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…