DITSCAP vs DIACAP
**Update: DIACAP is being superceded by 8510.10, DoD Risk Management Framework. We have been calling this DIARMF or Defense Information Assurance Risk Management Framework from 2011 to 2014, because originally that is the government was calling it while they were still writing it. **
The DIACAP will include Netcentricity, GIG and FISMA concepts. Implementations such as online status of system information assurance and annual reviews will be done in hopes of keeping information assurance visible and current.
The DIACAP will include Netcentricity, GIG and FISMA concepts. Implementations such as online status of system information assurance and annual reviews will be done in hopes of keeping information assurance visible and current.
DITSCAP
|
DIACAP
|
TARGET
|
System-Unique Reqirements and Metric (Risk Assessment)
|
Baseline DOD Controls, Standards, Tests Metrics
|
Mature knowledge-base Integrates DoD, Component,
Mission Area, Domain, and COI IA Control & Standards |
System-Unique IA Architechure
|
Emerging GIG and DoD Component
|
Robust Plug-and-Play Enterprise IA Services
|
Information is Seldom Current
|
Review NLT Annual
Status driven Online Repository
|
Automated Certification of IA posture
|
No Information on Many Systems
|
Expanded System Boundaries = Greater Coverage
Status driven Online Repository
|
IA Posture Visible
|
OVERALL
| ||
Slow
|
Intergrates FISMA
| |
Difficult to Share
|
Intergrates Netcentricity
| |
posted by elamb at 6:53 AM Permalink 
0 Comments:
Post a Comment
<< Home