Click here

		^Home ^{DAG Tutorial} ^Search ^{Available Downloads} ^Feedback

The DAG does not reflect the changes in the DoDI5000.02. Work is in progress to update the content and will be completed as soon as possible.

Jump to Content
Jump to Navigation and Tools

.

ACC Practice Center > AT&L Knowledge Management... > Welcome to the Defense... > Chapter 7 -- Acquiring... > 7.5. Information... > 7.5.10. Information...

View History

7.5.10. Information Assurance (IA) Certification and Accreditation (C&A)

Topic

: DEFENSE ACQUISITION GUIDEBOOK
Chapter 7 - Acquiring Information Technology

7.5.10. Information Assurance (IA) Certification and Accreditation (C&A)

7.5.11. Software Security Considerations

7.5.10. Information Assurance (IA) Certification and Accreditation (C&A)

In accordance with DoD Directive 8500.01E, all acquisitions of AISs (to include MAISs), outsourced IT-based processes, and platforms or weapon systems with connections to the GIG must be certified and accredited. The primary methodology for certifying and accrediting DoD information systems is the DoD Information Assurance Certification and Accreditation Process (DIACAP) of DoD Instruction 8510.01.

7.5.11. Software Security Considerations

For the acquisition of software-intensive IT, especially IT used in National Security Systems, PMs should consider the significant operational threat posed by the intentional or inadvertent insertion of malicious code. The risks associated with these supply chain risk management (SCRM) issues are being managed within the context of program protection planning. See Chapter 13, Program Protection Planning, regarding requirements for SCRM key practices and intelligence support from Defense Intelligence Agency SCRM Treat Assessment Center (TAC).

Top of page

List of All Contributions at This Location

No items found.

Popular Tags

Contact Us | Privacy Policy | Legal Notices

DAUHelp@dau.mil

Browse

ACC Home Up one level

Welcome to the Defense Acquisition...

Chapter 1 -- Department of Defense...

Chapter 2 -- Program Strategies

2.0 Overview
2.1. Program Strategies—General
2.2. Program Strategy Document...
2.3. Program Strategy Relationship to...
2.4. Relationship to Request for...
2.5. Program Strategy Classification...
2.6. Program Strategy Document Approval...
2.7. Acquisition Strategy versus...
2.8. Technology Development...

Chapter 3 -- Affordability and...

3.0. Overview
3.1. Life-Cycle Costs/Total Ownership...
3.2. Affordability
3.3. Analysis of Alternatives
3.4. Cost Estimation for Major Defense...
3.5. Manpower Estimates
3.6. Major Automated Information Systems...
3.7. Principles for Life-Cycle Cost...

Chapter 4 -- Systems Engineering

Chapter 5 -- Life-Cycle Logistics

5.0. Overview
5.1. Life-Cycle Sustainment in the...
5.2. Applying Systems Engineering to...
5.3. Supportability Design...
5.4. Sustainment in the Life-Cycle...
5.5. References

Chapter 6 -- Human Systems Integration...

6.0. Overview
6.1. Total System Approach
6.2 HSI - Integration Focus
6.3. Human Systems Integration Domains
6.4. Human Systems Integration (HSI)...
6.5. Manpower Estimates
6.6. Additional References

Chapter 7 -- Acquiring Information...

7.0. Overview

7.1. Introduction

7.2. DoD Information Enterprise

7.3. Interoperability and Supportability...

7.3.2. Mandatory Policies

7.3.3. Interoperability and...

7.3.4. Net-Ready Key Performance...

7.3.5. Net-Ready Key Performance...

7.3.6. Information Support Plan (ISP)...

7.3.6.2. Information Support Plan (ISP)...

7.3.6.3. Estimated Information Support...

7.3.6.6. Points of Contacts

7.3.6.7. Information Support Plan (ISP)...

7.3.6.8. Tailored Information Support...

7.3.6.9. Information Support Plan (ISP)...

7.4. Sharing Data, Information, and...

7.5. Information Assurance (IA)

7.5.3. Information Assurance (IA)...

7.5.4. Estimated Information Assurance...

7.5.5. Integrating Information Assurance...

7.5.6. Program Manager (PM)...

7.5.7. Information Assurance (IA)...

7.5.8. Information Assurance (IA)...

7.5.10. Information Assurance (IA)...

7.5.12. Implementing Information...

7.5.13. Information Assurance (IA)...

7.6. Electromagnetic Spectrum

7.7. Accessibility of Electronic and...

7.8. The Clinger-Cohen Act (CCA) --...

7.8.4. Title 40/Clinger-Cohen Act (CCA)...
7.8.5. Other Title 40/Clinger-Cohen Act...
7.8.6. Title 40 Subtitle...
7.8.7. Procedure for Risk-Based...

7.9. Post-Implementation Review (PIR)

7.10. Commercial Off-the-Shelf (COTS)...

7.11. Space Mission Architectures

Chapter 8 -- Intelligence Analysis...

Chapter 9 -- Test and Evaluation (T&E)

Chapter 10 -- Decisions Assessments and...

Chapter 11 -- Program Management...

Chapter 12 - Defense Business System...

12.0 Overview
12.1 Business Capability Definition...
12.2 Investment Management (IM) Phase
12.3 Execution
12.4 DBS-specific Criteria
12.5 Tools and Methods

Chapter 13 -- Program Protection

13.0 Overview
13.1 The Program Protection Process
13.2 The Program Protection Plan (PPP)
13.3 Critical Program Information (CPI)...
13.4. Intelligence and...
13.5. Vulnerability Assessment
13.6. Risk Assessment
13.7. Countermeasures
13.8. Horizontal Protection
13.9. Foreign Involvement
13.10. Managing and Implementing PPPs
13.11. Compromises
13.12. Costs
13.13. Contracting
13.14. Detailed System Security...
13.15. Program Protection Plan (PPP)...
13.16. Program Protection Plan (PPP)...

Chapter 14 -- Acquisition of Services

14.0. Overview
14.1. Introduction to the Acquisition of...
14.2. The Planning Phase
14.3. The Development Phase
14.4. The Execution Phase
Appendix A -- REQUIREMENTS ROADMAP...
Appendix B -- SERVICE ACQUISITION...
Appendix C -- SERVICE ACQUISITION MALL...
Appendix D -- MARKET RESEARCH RESOURCES
Appendix E -- GLOSSARY

DoD Directive 5000.01

ENCLOSURE 1 ADDITIONAL POLICY

DoD Instruction 5000.02

Recent Policy and Guidance

Download the Defense Acquisition...
Weapon Systems Acquisition Reform Act of...

Current JCIDS Manual and CJCSI 3170.01 I

Defense Acquisition Guidebook Key...

ACC Practice Center Version 3.2

Application Build 3.2.9
Database Version 3.2.9