IT Management, Research Paper Example

Pages: 1

Words: 782

Research Paper

Do you believe the seven categories of issues evaluated and the value schemes assigned are practical? Would you change the set in any way for the course scenario and computer system?

The seven categories of the issues evaluated are practical on many aspects. The security process analysis, which incorporates an overview of the risk management practices, is instrumental in risk and mitigation identification. The security process is an essential aspect of the overall risk management. The first phase, which articulates issues related with SSAA, is also practical. The verification phase identified as the second phase and is practical since it involves activities of certification analysis.

The validation phase is another issue raised in the document and describes the different roles and responsibilities that need to be addressed. Post accreditation activities reflect a series of issues that are mitigated at different levels after the accreditation process is initiated. It is pertinent to note that the certification tasks suggested are a central part of the course. Security activities are an indispensable aspect that is commonly included in the program strategies. Strategy development process involves practical application of knowledge to attain specified goals.

If you review the certification level evaluation table C3.T10, that assigns levels to the numeric scores derived from the computation process, the numeric values computed result in an overlap in the levels. If the numeric values computed overlap across levels, how do you decide whether to go with the lower level or the higher level?

The decision process will be based on the program manager decision with the allocation following different characteristics. These include the interfacing mode and processing mode. On the other hand, an attribution mode will be instrumental in giving the basic alternative for the characteristics. Mission reliance is also another aspect that should be considered. Moreover, the availability level and integrity help in deciding whether to go for the lower or higher level.

Review the list of appendices to the SSAA Outline and Detailed Description in Appendix 1. Compare these documents with the list of documents required for the B-3 Division /Class in the Orange Book.

The SSAA outline provides a comprehensive coverage of the contractual agreement that binds all the stakeholders in the program. The first section covers basic mission description as well as functional description. The functionality description is a detailed account of issues such as the life cycle of systems, capabilities, as well as the clearance levels. An environmental description section is included to capture the aspect of administrative and physical consideration. The description of the facility offers an insight on the operating circumstances maintenance procedures. It is pertinent to note that issues of software development as well as threat description are captured in this section. This is unlike the documents required in the B-3 division.

A description of the system architecture is also captured with detailed coverage of system interfaces and the data flow. Moreover, the use of internal connections to manipulate external connections is covered. The outline introduces describes various system security issues and requirement. These include the national security requirements as well as data security requirements.

What are the differences between these two sets of documents?

These two documents are different in their structure and part of the content. The B-3 section of the orange book is more detailed than the SSAA Outline and Detailed Description with issues touching on security domains being critically reviewed.

Are there any documents referenced for development in the B-3 section in the Orange Book that are not listed in the DITSCAP? If so, what are they?

The documents referenced in the B-3 section of the orange book that are not listed within DITSCAP include the zero flaws on design, TCB models, as well as security auditing documents.

Why aren’t they included in the DITSCAP?

They are not necessary in the DITSCAP since it is a basic contractual agreement between different participants of the program. Moreover, the contents of the DITSCAP are far much different Orange Book.

Which ones would or would not be applicable for the course scenario computer system?

The organizations and resources section is instrumental to support the scenario computer system. Different organization description and responsibilities offer an insight to the application of different systems in the course. Training resources such as the tasks and milestones, the security environment, approved past solutions, the roles and responsibilities are necessary for the course. However, inclusion of accreditation boundary documents in the course is not necessary for the scenario computer and system course.

References

DITSCAP transition to DIACAP. (n.d.). Information Assurance Support Environment Home Page. Retrieved June 7, 2012, from http://iase.disa.mil/diacap/ditscap-to-diacap.html

DITSCAP transition to DIACAP. (n.d.). Information Assurance Support Environment Home Page. Retrieved June 7, 2012, from http://iase.disa.mil/diacap/

DoD Issuances Website: DoD Directives. (n.d.). DTIC Online. Retrieved June 7 2012 fromhttp://www.dtic.mil/whs/directives/corres/dir.html

Time is precious

Time is precious

don’t waste it!

Get instant essay
writing help!
Get instant essay writing help!
Plagiarism-free guarantee

Plagiarism-free
guarantee

Privacy guarantee

Privacy
guarantee

Secure checkout

Secure
checkout

Money back guarantee

Money back
guarantee

Related Posts

Response to HazMat Scenario, Case Study Example

First of all, after consulting with the HazMat Team Coordinator that works at the site of the spill and upon the arrival of the HazMat [...]

Pages: 1

Words: 199

Case Study

Legislative Letter and Talking Points, Research Paper Example

H.R.183 — Veterans Dog Training Therapy Act Dear Senator Woodall: As a health care professional and practicing nursing team manager, I am writing you about [...]

Pages: 1

Words: 178

Research Paper

Selling Smart Phone in India, Research Paper Example

The technological advancements over the last few decades have been mind blowing by any measure and one only needs to look at smart phones to [...]

Pages: 1

Words: 330

Research Paper

RFI and RFP Reflection, Essay Example

The request for information and request for proposal processes are an integral part of maintaining the electronic health record system. Generally, a RFI is used [...]

Pages: 1

Words: 234

Essay

HIT Profession, Essay Example

Introduction The continuous change in the health information technology requires essential skills knowledge as well as abilities. This is in order to meet both the [...]

Pages: 1

Words: 176

Essay

Technology’s Impact on Patient Care, Essay Example

Introduction Over the past several years, industries have lowered costs while still providing quality services through investments in information technology. Nonetheless, the healthcare profession has [...]

Pages: 1

Words: 180

Essay

Response to HazMat Scenario, Case Study Example

First of all, after consulting with the HazMat Team Coordinator that works at the site of the spill and upon the arrival of the HazMat [...]

Pages: 1

Words: 199

Case Study

Legislative Letter and Talking Points, Research Paper Example

H.R.183 — Veterans Dog Training Therapy Act Dear Senator Woodall: As a health care professional and practicing nursing team manager, I am writing you about [...]

Pages: 1

Words: 178

Research Paper

Selling Smart Phone in India, Research Paper Example

The technological advancements over the last few decades have been mind blowing by any measure and one only needs to look at smart phones to [...]

Pages: 1

Words: 330

Research Paper

RFI and RFP Reflection, Essay Example

The request for information and request for proposal processes are an integral part of maintaining the electronic health record system. Generally, a RFI is used [...]

Pages: 1

Words: 234

Essay

HIT Profession, Essay Example

Introduction The continuous change in the health information technology requires essential skills knowledge as well as abilities. This is in order to meet both the [...]

Pages: 1

Words: 176

Essay

Technology’s Impact on Patient Care, Essay Example

Introduction Over the past several years, industries have lowered costs while still providing quality services through investments in information technology. Nonetheless, the healthcare profession has [...]

Pages: 1

Words: 180

Essay