TRAINING SERVICES

DIACAP - Certification and Accreditation Process (DS3IA835)

Course Content: This course is designed to help the Certifying Authority and INFOSEC professional fully understand the certification and accreditation process as outlined in the Department of Defense Instruction 8510.01, November 28, 2007; DoDD 8500.1, October 24 2002, Information Assurance (IA), DoDI 8500.2, February 6, 2003, Information Assurance (IA) Implementation, and Section 3541 of title 44, United States Code, Federal Information Security Management Act of 2002” (FISMA).

This instruction is designed to provide the INFOSEC professional with a comprehensive understanding and working knowledge of DIACAP. The course will provide an overview of current policy, laws, and guidance, definitions and terms, a brief overview on the evolution of automated information system (IS) security, the transition from the DoD Information Security C&A Process (DITSCAP) to DIACAP, DIACAP roles and responsibilities, a discussion of the DIACAP support for net-centricity and considerations of the Global Information Grid (GIG) architecture, and detailed discussion on the five DIACAP activities, including, the identification and validation of Information Assurance (IA) Control, life-cycle management, and an awareness of threats, vulnerabilities, and risk management as they apply to availability, integrity, confidentiality, and accountability (to include authenticity and non-repudiation) in the C&A process.

During this 4-day course, students will learn:

• How to understand the history of AIS security and how it applies to DoD information systems
• How to recognized basic concepts of information security and applicable definitions as they apply to DoD information systems
• How to understand the relevant laws, policies, directives, and instruction that apply to DoD information systems.
• How to understand the differences between the DITSCAP and the DIACAP
• How to understand the roles and responsibilities of the principal accrediting authority, designated accrediting authority, senior information assurance officer, certifying authority (and certifying authority representative), the program or system manager, the user representative, and the information systems security officer
• How to understand and apply the DIACAP methodology in initiating, planning, and identifying the DIACAP activities
• How to recognize and validate Information Assurance controls
• How to make a certification determination and accreditation decision
• How to maintain the authority to operate and conduct Information Assurance reviews
• How to identify and apply agency or service-unique requirements concerning C&A implementation

Prerequisites: There are no mandatory prerequisites for the courses described in this catalog; however, it is desirable that students have a basic understanding of computer PC operations.

Class Size: There is a minimum class size of eight (8) and a maximum number of ten (10) students for each class offered.

Note: This course can also be taught at your location. If taught at your location, course costs will also include travel and per diem for one instructor in accordance with the Joint Federal Travel Regulation

Note: If you plan on training more than 8 people, please contact us for a tailored group discount price based on number of students.

Register

*ADDITIONAL CLASSES AVAILABLE. CONTACT STUDENT SERVICES FOR SCHEDULING INFO.

** Continuing Education Credits (CPEs/CEUs): This course has an approximate value of 27 CPEs. (Subject to audit)