DOD Information Technology Security Certification and Accreditation Process

What Does DOD Information Technology Security Certification and Accreditation Process Mean?

DOD Information Technology Security Certification and Accreditation Process (DITSAP) is an information and communications systems standardization and accreditation process used by the Department of Defense (DoD) USA.

Advertisements

It was the first ever accreditation and certification standard used by DoD. It was developed in 1992 and was superseded by DoD Information Assurance Certification and Accreditation Process (DIACAP).

Techopedia Explains DOD Information Technology Security Certification and Accreditation Process

DITSAP was primarily created to form a standardized process for evaluating, certifying and assuring the security of strategic, tactical and stand-alone information systems and networks. DITSAP utilizes a set of structured and standardized methods and activities to verify, validate, implement and maintain security within the defense information infrastructure (DII). The DITSAP accreditation is a four phase process and includes:

  • Phase 1 – Definition: Focuses on understanding the underlying environment and architecture. It evaluates the requirements and support required to accomplish the accreditation

  • Phase 2 – Verification: Verifies the new or existing system’s capabilities and compliance with documented security requirements

  • Phase 3 – Validation: Ensures that the system operates in a controlled and risk free environment and is in compliance with the security requirements. This also concludes the accreditation process

  • Phase 4 – Post Accreditation: Maintain the system within an ideal state and perform operations necessary to keep the system accredited

Advertisements

Related Terms

Latest Information Assurance Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…