UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

DODD 8510.01 11/28/07

DoD Information Assurance Certification and Accreditation Process (DIACAP)

inactive
Organization: DODD
Publication Date: 28 November 2007
Status: inactive
Page Count: 53
scope:

APPLICABILITY AND SCOPE

This Instruction applies to:

The Office of the Secretary of Defense (OSD), the Military Departments, the Office of the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Office of the Inspector General (IG) of the Department of Defense, the Defense Agencies, the DoD Field Activities, and all other organizational entities within the Department of Defense (hereafter referred to collectively as the "DoD Components").

DoD-owned ISs and DoD-controlled ISs operated by a contractor or other entity on behalf of the Department of Defense that receive, process, store, display, or transmit DoD information, regardless of classification or sensitivity, consistent with Reference (b).

Nothing in this Instruction shall alter or supersede the existing authorities and policies of the Director of National Intelligence regarding the protection of Sensitive Compartmented Information (SCI) and special access programs for intelligence as directed by Executive Order 12333 (Reference (i)) and other laws and regulations. The application of the provisions and procedures of this Instruction to SCI or other intelligence ISs is encouraged where they may complement or discuss areas not otherwise specifically addressed.

PURPOSE

This Instruction:

Implements References (a), (b), (c), and (d) by establishing the DIACAP for authorizing the operation of DoD Information Systems (ISs).

Cancels DoD Instruction (DoDI) 5200.40; DoD 8510.1-M; and ASD(NII)/DoD CIO memorandum, "Interim Department of Defense (DoD) Information Assurance (IA) Certification and Accreditation (C&A) Process Guidance" (References (e), (f), and (g)).

Establishes or continues the following positions, panels, and working groups to implement the DIACAP: the Senior Information Assurance Officer (SIAO), the Principal Accrediting Authority (PAA), the Defense Information Systems Network (DISN)/Global Information Grid (GIG) Flag Panel, the IA Senior Leadership (IASL), the Defense (previously DISN) IA Security Accreditation Working Group (DSAWG), and the DIACAP Technical Advisory Group (TAG).

Establishes a C&A process to manage the implementation of IA capabilities and services and provide visibility of accreditation decisions regarding the operation of DoD ISs, including core enterprise services- and Web services-based software systems and applications.

Prescribes the DIACAP to satisfy the requirements of Reference (a) and requires the Department of Defense to meet or exceed the standards required by the Office of Management and Budget (OMB) and the Secretary of Commerce, pursuant to Reference (a) and section 11331 of title 40, United States Code (Reference (h)).

Document History

December 29, 2020
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
July 28, 2017
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
May 24, 2016
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
March 12, 2014
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
DODD 8510.01 11/28/07
November 28, 2007
DoD Information Assurance Certification and Accreditation Process (DIACAP)
APPLICABILITY AND SCOPE This Instruction applies to: The Office of the Secretary of Defense (OSD), the Military Departments, the Office of the Chairman of the Joint Chiefs of Staff, the Combatant...

References

Advertisement