Return to search

An introduction to certification and accreditation for new accreditors

Approved for public release; distribution is unlimited / The certification process can be defined as a comprehensive evaluation of all security features, both technical and nontechnical, of an information system. This process ensures that the system design and implementation meets a distinct set of prescribed security requirements. The accreditation of a system ensures that networks, applications, and operating systems that make up the system are running at an acceptable level of risk. The Designated Approving Authority (DAA) is responsible for deciding what systems to approve for accreditation, and assumes the responsibility for running the accredited system at an accepted level of risk. This analysis of the certification and accreditation process stresses the vital aspects of the process that are of special concern to the DAA. The mission drives the process, and influences the ultimate accreditation decision. The DAA must understand the fundamental aspects of the certification effort, and be able to weigh factors such as the funding, time, and other resources available for the effort, as well as understand the scope of the system as a whole. This thesis covers the vital aspects of certification and accreditation, and provides the new DAA with a guide to the process. / Naval Postgraduate School author (civilian).

Identiferoai:union.ndltd.org:nps.edu/oai:calhoun.nps.edu:10945/903
Date06 1900
CreatorsStauffer, Natalie
ContributorsBurke, Karen, Rasmussen, Craig, Computer Science
PublisherMonterey, California. Naval Postgraduate School
Source SetsNaval Postgraduate School
Detected LanguageEnglish
TypeThesis
Formatxiv, 52 p. ;, application/pdf
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, may not be copyrighted.

Page generated in 0.0018 seconds