Becoming Acquainted With DITSCAP, Research Paper Example

Introduction

The Department of Defense Information Technology Security Certification and Accreditation Process consists of the different systematic applications that are indicated by the US Department of Defense in consideration with the desire to manage IT risks. This system has been established in the year 2006 in relation to the desire of making information reliability of high quality in connection to the operations of the national defense. The well established reliable sources of information also entail the creation of strong information protection that could be applied especially in connection with the data that ought to be well kept for national security matters.

In the discussion that follows, a closer look on the different points of consideration given attention to in the DITSCAP process shall be presented. The certifications of information passed on and kept with defense databases shall be given specific determination as to how they relate to the establishment of well-protected data that should be kept intact for the sake of retaining the integrity of national security and defense tactics followed by the administration.

Differentiating Certifications

The DITSCAP procedure is specifically defined by four particular phases. The four phases include System Definition, Verification, Validation and Re-Accreditation. These phases include two levels of certifications which both involve different tasks that are designed to make a definite indication on the establishment of the integrity of the system. The first level of certification in DITSCAP specifically involves CT&E Plan which involves technology-specific tests while on the other hand; the second level of certification on the other hand involves the site-specific tests that are dedicated to manage procedures of development. These tests involve one approach in a laboratory environment and then another in actual spot-check approach. From these points, developmental and operational considerations are specifically noted along the way.

The tasks included in both levels are very specific especially when it comes to assuring the integrity of the operation that is considered in each level. The prerequisite tasks involve the identification of the plan and the objectives presented alongside it. From finishing the prerequisite tasks comes the identification of the business case, the mission needed to be given attention to, the specifications of the system and its operations as well as that of the architectural design of the entire system.

The consideration of the output of each system is taken into consideration after identifying all the input operations. Once the outputs have been tested for integrity and accuracy for the missions they are established alongside with, the applicable instructions and directives for operation are tested hence making sure that the system would be maintained properly. With such assuring procedures, testing the usability of the system is defined. In line with the testing process, the operation of the system with other networks is specifically given attention to.

The connection of the system with other networks shall identify its integrity for security and operational accuracy even when under pressure of other networks entering the system. Considerably, it is with this approach that the procedural application of the created system shall be tested and checked for any further developments or adjustments needed before its actual application of use. At this point, the modes of operational access could be reassured and tested. Notably, this process would create a distinctive definition on which mode is to be utilized depending on who is to use the system and what that particular user needs from the system itself. Such modes include the processing mode where the entire system is active and is able to accommodate all necessary operations needed. This means that all of its other divisional operations are working and are ready for utilization. The dedicated mode on the other hand is the process where one particular division of the system is solely accessed by an authorized operator hence making it easier for the users to be subdivided depending on the authority that they were given by the defense office [in connection with access privileges]. The system high mode allows all different users to access particular information in the IS within a specific time, security clearances are not much needed in this mode in comparison with that of the compartmented mode whereas even though there could be multiple users to access the information, only a chosen few are able to view particular stored information.

Conclusion

As noted from the discussion presented, the different sanctions that identify the needed approaches of operation when it comes to considering the accuracy and integrity of an Information System program used for DoD operations specifically mandate the security of each system. This means that both certification levels I and II are all focused on the capacity of each system to decipher users and information sharing operations that are needed to be considered especially when making an impacting condition into how the system shall be used for national security purposes. With information being one of the most crucial points of establishing national security, the operations standardized by the DITSCAP assure IS integrity are essential to assuring national safety.

References:

Herndon, VA. Trusted Computer Solutions. Security Certification & Accreditation: DITSCAP vs. DCID 6/3. http://www.trustedcs.com/whitepapers/ditscap.pdf. (Retrieved on June 4, 2012).

Assistant Secretary of Defense for Command, Control, Communications and Intelligence. Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP) Application Manual. (2000).

Department of Defense Instruction. (1997). DoD Information Technology Security and Certification Process (DITSCAP). http://www2.dla.mil/j-6/dlmso/eLibrary/Documents/PKI/i520040.pdf. (Retrieved on June 4, 2012).

CYGNACOM Solutions. Certification and Accreditation: DITSCAP. http://www.cygnacom.com/certification/st_e.htm. (Retrieved on June 4, 2012).