
KLC Consulting, Inc.
www.klcconsulting.net
sales@klcconsulting.net
Tel: 617-314-9721

Here are the most common and useful DIACAP and FISMA Resources.

KLC specializes in FISMA and DIACAP Certification and Accreditation (C&A) / Authorization and Accreditation (A&A) services. Please contact us for your C&A / A&A needs. If you have never been through the C&A / A&A process and are required to obtain an ATO from an agency, we will be happy to walk through the high-level process with you.

 

DIACAP Resources

DoD Instruction (DODI) 8510.01 DoD Information Assurance Certification and Accreditation Process (DIACAP)

Posted November 28, 2007

http://www.dtic.mil/whs/directives/corres/pdf/851001p.pdf

 

DoDI 8500.2 IA Implementation Document (http://www.dtic.mil/whs/directives/corres/pdf/850002p.pdf)

 

DoDI 8500.2 validation procedures by Mission Assurance Category (MAC) and Confidentiality Level (CL), dated 28 Mar 2008, downloaded from the DISA.mil website - Unclassified.

 

DoDI 8500-2 IA Control Checklist - MAC 1-Classified

DoDI 8500-2 IA Control Checklist - MAC 1-Sensitive

DoDI 8500-2 IA Control Checklist - MAC 1-Public

DoDI 8500-2 IA Control Checklist - MAC 2-Classified

DoDI 8500-2 IA Control Checklist - MAC 2-Sensitive

DoDI 8500-2 IA Control Checklist - MAC 2-Public

DoDI 8500-2 IA Control Checklist - MAC 3-Classified

DoDI 8500-2 IA Control Checklist - MAC 3-Sensitive

DoDI 8500-2 IA Control Checklist - MAC 3-Public

 

DoDI 8500-2 mapping to NIST 800-53 (DIACAP mapping to FISMA) (Excel XLS file) - Navy CIO office, published on May 5, 2010

The Department of the Navy Chief Information Officer has updated the security control mapping document originally published in November 2009. DON CIO has collaborated with Assistant Secretary of Defense (Networks & Information Integration) (ASD (NII)) to further refine the mapping of the Department of Defense's current security controls to the new consolidated security controls in NIST SP 800-53, revision 3. In addition to the revisions from the ASD(NII) review, DON CIO's updated security control mapping document also contains a more thorough mapping of the new NIST SP 800-53r3 security controls to those published within the legacy Director of Central Intelligence Directive (DCID) 6/3.

 

DoD Directive 8500.1, Information Assurance
October 24, 2002
http://www.dtic.mil/whs/directives/corres/pdf/850001p.pdf

 

DIACAP System Security Plan (SSP) Template

 

DoD Directive (DODD) 8500.1 & DoD Instruction (DODI) 8500.2 - Tutorial Lecture from Auburn University

http://www.eng.auburn.edu/cse/classes/comp6370/lessons/Supplemental_8500_series.pdf

 

Dept. of Navy DIACAP Handbook - Published on July 15, 2008

www.doncio.navy.mil/Download.aspx?AttachID=627

 

 

DIACAP Training:

 

Free DIACAP Training and Resource

 

For information on FREE online DoD DIACAP training (Overview and Implementation), please contact KLC at info@klcconsulting.net.

 

 

Additional DoD Sites:

 

The following links will help clarify some questions that may arise from the validation procedures:

 

FISMA Resources:

NIST Special Publication (SP) 800 Series Website

 

The FISMA Risk Management Framework (RMF) is the foundation for Certification and Accreditation (C&A) / Authorization and Accreditation (A&A) (from NIST 800-37 and 800-53).

FISMA Risk Management Framework (RMF)

 

NIST 800-53 Rev. 3 - 18 Security Control Families (PM was added in Rev. 3):

NIST 800-53 Security Control Families