Introduction to Certification and Accreditation

Introduction to Certification and Accreditation

Active / Technical Report | Accession Number: ADA477650 |

Abstract:

This document, which provides an introduction to certification and accreditation CA concepts, provides an introductory discussion of some basic concepts related to CA and sets the baseline for further documents. Its objectives are the following 1 to provide an overview of CA, its function and place within the risk management process 2 to clarify the critical roles the Designated Approving Authority DAA and other key security officials must assume throughout the CA process 3 to identify some of the current security policies, emphasizing some key policy issue areas and 4 to define CA-related terms. The details of the actual CA process are not included in this document, but will be provided in a follow-on documents.

Author(s):

No Author(s) Identified

Author Organization(s):

NATIONAL COMPUTER SECURITY CENTER FORT GEORGE G MEADE MD

Descriptive Note:

Final rept.

Supplementary Note:

Library no. S-239,954. DOI: 10.21236/ADA477650

Pagination:

0075

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

NCSC-TG-029-VER-1

Monitor Series:

NCSC/MD

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.2_Understand; JCA_6_Net Centric; JCA_8_Building Partnerships; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_5.5_Direct; JCA_5.5.1_Communicate Intent and Guidance; JCA_8.1_Communicate; JCA_2_Battlespace Awareness; JCA_8.1.3_Influence Adversary and Competitor Audiences; JCA_5.4_Decide; JCA_6.4.1_Secure Information Exchange; JCA_6.1.3_Switching and Routing; JCA_6.1_Information Transport; JCA_1_Force Support; JCA_1.2_Force Preparation; JCA_4.7.2_Installation Services; JCA_4.7_Base and Installations Support; JCA_2.3_Processing and Exploitation; JCA_2.5.2_BA Data Access; JCA_1.2.3_Educating

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*INFORMATION SYSTEMS, *INFORMATION SECURITY, POLICIES, RISK MANAGEMENT

Field(s)/Group(s):

Computer Systems

Keyword(s):

*CERTIFICATION, *ACCREDITATION, DAA(DESIGNATED APPROVING AUTHORITY), INFOSEC(INFORMATION SECURITY), SECURITY POLICY

Report Date:

1993 Jan 01

Creation Date:

2008 Mar 19