KLC Consulting, Inc.
Tel: 617-314-9721

Here are the most common and useful DIACAP and FISMA Resources.

KLC specializes in FISMA and DIACAP Certification and Accreditation (C&A) / Authorization and Accreditation (A&A) services. Please contact us for your C&A / A&A needs. If you have never been through the C&A / A&A process and are required to obtain an ATO from an agency, we will be happy to walk through the high-level process with you.


DIACAP Resources

DoD Instruction (DODI) 8510.01 DOD Information Assurance Certification and Accreditation Process (DIACAP)

Posted November 28, 2007



DoDI 8500.2 IA Implementation Document (http://www.dtic.mil/whs/directives/corres/pdf/850002p.pdf)


DoDI 8500.2 validation procedures by Mission Assurance Category (MAC) and Confidentiality Level (CL), dated 28 Mar 2008, downloaded from the DISA.mil website - Unclassified.


DoDI 8500-2 IA Control Checklist - MAC 1-Classified

DoDI 8500-2 IA Control Checklist - MAC 1-Sensitive

DoDI 8500-2 IA Control Checklist - MAC 1-Public

DoDI 8500-2 IA Control Checklist - MAC 2-Classified

DoDI 8500-2 IA Control Checklist - MAC 2-Sensitive

DoDI 8500-2 IA Control Checklist - MAC 2-Public

DoDI 8500-2 IA Control Checklist - MAC 3-Classified

DoDI 8500-2 IA Control Checklist - MAC 3-Sensitive

DoDI 8500-2 IA Control Checklist - MAC 3-Public


DoDI 8500-2 mapping to NIST 800-53 (DIACAP mapping to FISMA) (Excel XLS file) - Navy CIO office, published on May 5, 2010

The Department of the Navy Chief Information Officer has updated the security control mapping document originally published in November 2009. DON CIO has collaborated with Assistant Secretary of Defense (Networks & Information Integration) (ASD (NII)) to further refine the mapping of the Department of Defense's current security controls to the new consolidated security controls in NIST SP 800-53, revision 3. In addition to the revisions from the ASD(NII) review, DON CIO's updated security control mapping document also contains a more thorough mapping of the new NIST SP 800-53r3 security controls to those published within the legacy Director of Central Intelligence Directive (DCID) 6/3.


DoD Directive 8500.1, Information Assurance
October 24, 2002


DIACAP System Security Plan (SSP) Template


DoD Directive (DODD) 8500.1 & DoD Instruction (DODI) 8500.2 - Tutorial Lecture from Auburn University



Dept. of Navy DIACAP Handbook - Published on July 15, 2008




DIACAP Training:


Free DIACAP Training and Resource


For information on FREE online DoD DIACAP training (Overview and Implementation), please contact KLC at info@klcconsulting.net.



Additional DoD Sites:


The following links will help clarify some questions that may arise from the validation procedures:


FISMA Resources:

NIST Special Publication (SP) 800 Series Website


The FISMA Risk Management Framework (RMF) is the foundation for Certification and Accreditation (C&A) / Authorization and Accreditation (A&A) (from NIST 800-37 and 800-53).

FISMA Risk Management Framework (RMF)


NIST 800-53 Rev. 3 - 18 Security Control Families (PM was added in Rev. 3):

NIST 800-53 Security Control Families