What Does DOD Information Assurance Certification and Accreditation Process Mean?
DOD Information Assurance Certification and Accreditation Process (DIACAP) is a process that provides the certification and accreditation (CA) of information systems used within the US Department of Defense (DoD).
It is a systematic process that ensures only accredited information system tools and technologies are used within DoD’s IT infrastructure.
Techopedia Explains DOD Information Assurance Certification and Accreditation Process
DIACAP was created in 2007 as a means to authorize information systems to operate within the DoD IT environment. DIACAP depends on the implementation of several security and governance policies and directives, such as:
- Federal Information Security Management Act (FISMA)
- Global Information Grid (GIG) Overarching Policy (DoDD 8100.1)
- Information Assurance (DoDD 8500.01E)
- Information Assurance Implementation (DoDI 8500.2)
DIACAP requires an information system to be accredited across the network; that is, the certification and accreditation process is not just system-based, but also ensures that the information system maintains security when interacting and communicating over the Global Information Grid. Once a system has been accredited as secure under DIACAP, its information security and assurance capabilities must be maintained through a formal system lifecycle.