|
This course provides participants with an in-depth knowledge of the DIACAP requirements and process. Participants will also be provided with a set of tools and resources to begin to prepare systems for certification and accreditation within the DoD environment.
Audience: Software/Hardware Engineers, Project Managers, Security Professionals
Course details are provided below and are also available in PDF format.
REGISTER HERE
COURSE DETAILS
Course Outline:
Introduction to DIACAP
- Legislation, Policies
- Enterprise Risk Management Framework
- DIACAP Roles and Responsibilities
- DIACAP Process
- DITSCAP to DIACAP Transition
DIACAP Activities
- Initiating and Planning Information Assurance Certification and Accreditation (IAC&A)
- Implementing and Validating Assigned IA Controls
- The Certification Determination & Accreditation Decision
- Maintaining Authorization to Operate and Conducting Reviews
- Decommissioning the System
The DIACAP Package
- The System Identification Profile (SIP)
- The DIACAP Implementation Plan (DIP)
- The DIACAP Scorecard
- IT Security Plan of Action and Milestones (POA&M)
- Executive Package (SIP, DIACAP Scorecard, POA&M)
Initiation and Planning Activities
- Registering the System
- Assigning IA Controls
- Assembling the DIACAP Team
- Allowable Relationships
- Initiating the DIACAP Implementation Plan
Implementing and Validating Assigned IA Controls
- Executing the DIACAP Implementation Plan (DIP)
- Conduction Validation Activities
- Preparing the POA&M
- Compiling Validation Results in the DIACAP Scorecard
|
Making the Certification and Accreditation Decision
- Certification Determination
- Validation of Actual Results
- Risks Associated with Non-Compliant IA Controls
- Costs to Mitigate Risks
- Consequences of a Failed IA Control (Impact Codes)
- Risk Levels of Security Weaknesses (Severity Categories)
- Corrective Action Urgency
- Accreditation Decision Process
- Accreditation Decision Types
Maintaining Authority to Operate
- Maintaining Situational Awareness
- Initiating and Action to Maintain IA Posture
- Maintaining Security
- Conducting Reviews
- Initiating Reaccreditation
Decommissioning the System
- Reviewing Impacts to Shared Systems
- Updating the System Identification Profile (SIP)
- Removing the POA&M and DIACAP Scorecard
- Retiring the System
Resources
- DIACAP Knowledge Service
- Automated C&A Process Tools- eMASS
- Course Length: 3 Days or 6 Evenings
- Tuition: $1499 per person
- Group discounts available
- On-site training and customized content available
|
REGISTER HERE
|
