CAP · Question #336
The Phase 1 of DITSCAP C&A is known as Definition Phase. The goal of this phase is to define the C&A level of effort, identify the main C&A roles and responsibilities, and create an agreement on the m
The correct answer is A. Registration B. Document mission need C. Negotiation. DITSCAP (DoD Information Technology Security Certification and Accreditation Process) Phase 1 - Definition - has three primary activities: (1) Registration: formally registering the system into the C&A process; (2) Document Mission Need: capturing the system's mission requirement
Question
The Phase 1 of DITSCAP C&A is known as Definition Phase. The goal of this phase is to define the C&A level of effort, identify the main C&A roles and responsibilities, and create an agreement on the method for implementing the security requirements. What are the process activities of this phase? Each correct answer represents a complete solution. Choose all that apply.
Options
- ARegistration
- BDocument mission need
- CNegotiation
- DInitial Certification Analysis
How the community answered
(36 responses)- A94% (34)
- D6% (2)
Explanation
DITSCAP (DoD Information Technology Security Certification and Accreditation Process) Phase 1 - Definition - has three primary activities: (1) Registration: formally registering the system into the C&A process; (2) Document Mission Need: capturing the system's mission requirements and security needs; and (3) Negotiation: reaching agreement between the Program Manager and the Designated Approving Authority (DAA) on the security requirements and C&A approach. Initial Certification Analysis (D) belongs to Phase 2 (Verification), where the system is tested against the agreed-upon security requirements. Including D would be incorrect.
Topics
Community Discussion
No community discussion yet for this question.