What is DITSCAP?

Department of Defense (DoD) Information Technology (IT) Security Certification and Accreditation Process (DITSCAP) is the standard DoD process for identifying information security requirements, providing security solutions, and managing information system security activities. The process is designed to certify that the IT system meets the accreditation requirements and that the system will continue to maintain the accredited security posture throughout the system life cycle.

"DoD Directive 5200.28 mandates the accreditation of Automated Information Systems (AIS), to include stand-alone personal computers, connected systems, and networks."

What will DK Consulting Services do for you?

We first performs a requirements and risk analysis of the IT system based on the Common Criteria (CC) Controlled Access Protection Profile (CAPP), which has replaced the requirements for C2 trusted product evaluations. Our risk assessment is designed to follow NIST SP 800-37 and Critical Information Profile (CIP). Based on this engineering analysis, specific recommendations are made to bring the system into compliance. The security documentation is then prepared to accurately reflect the current security standing of the IT system, and then properly formatted to allow the organization to directly submit the documentation to the proper Certification and Accreditation (C&A) Authority.

Products

DK Consulting Services offers the following line of products to service your DITSCAP needs:

• complete set of required documentation
• on-site requirements gap analysis
• on-site security assessment and risk analysis
• engineering solutions: plan, design, and implementation
• annual review of system
• comprehensive employee security awarenesstraining
• ongoing support