EITDR – enterprise information technology data repository

by Bruce Brown | 3 Comments


30 Aug 11 – Update *USAF Recently changed the functionality of EITDR

To all System Security Engineers and Information Assurance Officers,

Here is something you might need to know. The Air Force is conducting all MANY of its certification & accreditation through the EITDR database none of its C&A (soon Risk Management Framework) through EITDR. The USAF is moving to the eMASS. As of Aug 2011, the USAF is still using EITDR to do IT portfolio management (to remain compliant with FISMA). EITDR feeds into the DoD IT Portfolio Registry (DITPR) database. Each branch has its own methods IT registry: the Army’s has the Portfolio Management System (APMS), Navy/Marines have the DITPR-DON. All of these system are used to “record investment review and certification submission information, FISMA assessments, E-Authentication status, and Privacy Impact Assessment status” (office of the assistance sec of the navy).

Each branch has an agency that controls these databases for example, the Air Force has the Air Force Communincations Agency (AFCA) AFNIC, the Army has the Installation Management Agency. These agencies moderate the certification & accreditation process. The IT Lean (aquisitions process) and the SISSU (security, interoperability, supportability, sustainability and usability) processes are integrated into the EITDR/DITPR-DON/APMS. Once you complete all the questions for you registered system, you will have accomplised complete SSAA, DIACAP, and even ISP packages.

For more information search the public.afca.af.mil (USAF). Everything you need to know is there. Also call or email AFCA/EV to learn more.
Army can go –>https://www.us.army.mil/suite/folder/4920492

3 Comments on EITDR – enterprise information technology data repository

  1. Robert Littlejohn
    March 23, 2009 at 5:41 am (11 years ago)

    Although the article above is accurate in what it says, it inferes that the certification and accreditation process is based on EITDR. I currently work at the Agency and when I first arrived I was asked if I had ever done an EITDR C&A. I responded that EITDR is a data repository not a certification and accreditation process. DOD has the DIACAP and federal systems are certified and accredited according to the NIST SP800 series guidance to be FISMA compliant. The Air Force uses IT Lean SISSU (security, interoperability, supportability, sustainability, and useability) as its “branded” process which incorporates acquisition and DIACAP. From a DITSCAP point of view there really isn’t much of an SSAA or accreditation documentation anymore. Generally the package going forward to the DAA consists of the Information Systems Plan (ISP), DIACAP Scorecard, Plan of Action and Milestones (POA&M), and the CA’s recommendation letter.

  2. Click here
    October 8, 2014 at 3:16 pm (5 years ago)

    I do accept as true with all the ideas you’ve offered
    for your post. They are very convincing and can definitely work.
    Still, the posts are too short for novices. May just you please lengthen them a little from next time?

    Thanks for the post.


1Pingbacks & Trackbacks on EITDR – enterprise information technology data repository

  1. […] USAF Enterprise Information Technology Data Repository (EITDR) […]

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment *