Tag Archives: dod

SRR Findings to IA Controls

August 7, 2009 elamb.security

From Reader: I stumbled upon your site and am new to security working for a contractor. I’m attempting to complete a DIACAP POA&M and need to map SRR findings to IA controls – any idea where I might find this … Continue reading

Posted in Assurance, Assurance/DIACAP, Assurance/DITSCAP, security | Tagged , , , , , , | 1 Comment

DIACAP Essentials + IA Control Validation Training (part 4): DIACAP/AFCAP Day3

July 2, 2009 elamb.security

Day 3 heats up a little. We start talking about what it take to actually get validated. The DIACAP Implementers Guide & the DIACAP Validators guide is opened up and reviewed. I think we all learned a little something during … Continue reading

Posted in Assurance, Assurance/DIACAP, Assurance/DITSCAP, Assurance/Netcentric, Assurance/SSAA, EITDR, FISMA, information assurance, Main Digg, sissu | Tagged , , , , , , , , | Leave a comment

DIACAP Essentials + IA Control Validation Training (part 2): DIACAP/AFCAP Day1

June 22, 2009 elamb.security

DIACAP/AFCAP Day 1. This is the second installment of the DIACAP Essentials journal. In the first day of class we’ve taken a high level look at the big picture of the Department of Defense Information Assurance Certification & Accreditation Process … Continue reading

Posted in Assurance, Assurance/DIACAP, Assurance/DITSCAP, Assurance/Netcentric, Assurance/SSAA, Certification/CISSP, EITDR, federal, FISMA, information assurance, Main Digg, security | Tagged , , , , , , , , , , , , , , | 2 Comments

Kyu H. Chay

December 3, 2008 elamb.security

To the family of Kyu H. Chay, I am sorry for your loss, but I thank you for your sacrifice. Kyu H. Chay is more that just an American hero, he represents the best of what we are capable of. … Continue reading

Posted in crypto, cryptography, Main Digg, security | Tagged , , , , , , | Leave a comment

Certification & Accreditation Change

August 26, 2008 elamb.security

Standard-issue security Certification and accreditation process for national security systems to extend to the rest of government. A two-year-old effort to standardize processes for certifying and accrediting government IT systems could soon bear fruit, according to officials from several agencies. … Continue reading

Posted in Assurance/DIACAP, FDCC, federal, FISMA, information assurance, Main Digg, Security Management, System security engineering | Tagged , , , , , , , , | 1 Comment

Operational Activity to Systems Function Traceability Matrix (SV-5)

February 29, 2008 elamb.security

Product Definition. Operational Activity to Systems Function Traceability Matrix is a specification of the relationships between the set of operational activities applicable to an architecture and the set of system functions applicable to that architecture. Product Purpose. SV-5 depicts the … Continue reading

Posted in architectural views, Assurance | Tagged , , , , , , , | Leave a comment

Systems Functionality Description (SV-4)

February 29, 2008 elamb.security

Product Definition. The Systems Functionality Description documents system functional hierarchies and system functions, and the system data flows between them. Although there is a correlation between Operational Activity Model (OV-5) or business-process hierarchies and the system functional hierarchy of SV-4, … Continue reading

Posted in architectural views, Assurance | Tagged , , , , , , , , | Leave a comment

DIACAP Activity #1 Initiate and Plan Certification & Accreditation

February 2, 2008 elamb.security

Initiating the Department of Defense Information Assurance Certification & Accreditation Process (DIACAP) starts with a lot of “setting up shop”. Registering with a DoD component, forming the IA Team and assigning IA controls (also known as IA requirements and security … Continue reading

Posted in Assurance/DIACAP, Assurance/DITSCAP, Assurance/Netcentric, Assurance/SSAA, Main Digg | Tagged , , , , , , , , , , | 1 Comment