0
Who are the diacap team members responsible for implementing diacap?
Wiki User
∙ 12y ago
According to DODI 8500.2, the "DIACAP team members" are defined as:
E2.25. DIACAP Team. Comprised of the individuals responsible for implementing the DIACAP for a specific DoD IS. At a minimum the DIACAP Team includes the DAA, the CA, the DoD IS program manager (PM) or system manager (SM), the DoD IS IA manager (IAM), IA officer (IAO), and a user representative (UR) or their representatives.
Wiki User
∙ 12y ago
Add your answer:
Earn +20 pts
Which is the most acceptable list of DIACAP team members responsible for implementing DIACAP?
DAA, CA, SIAO, PM, IAM, and IAO (or IASO)www.lunarline.com - best in the biz
What is an acceptable list of the DIACAP team members responsible for implementing DIACAP?
According to DoDI 8510.01, Enclosure 2: E2.25. DIACAP Team. Comprised of the individuals responsible for implementing the DIACAP for a specific DoD IS. At a minimum the DIACAP Team includes the DAA, the CA, the DoD IS program manager (PM) or system manager (SM), the DoD IS IA manager (IAM), IA officer (IAO), and a user representative (UR) or their representatives.
What is an acceptable list of DIACAP team members responsible for implementing?
DAA, CA, SIAO, PM, IAM, and IAO (or IASO)
Which are the DIACAP team members?
According to DODI 8500.2, the "DIACAP team members" are defined as: E2.25. DIACAP Team. Comprised of the individuals responsible for implementing the DIACAP for a specific DoD IS. At a minimum the DIACAP Team includes the DAA, the CA, the DoD IS program manager (PM) or system manager (SM), the DoD IS IA manager (IAM), IA officer (IAO), and a user representative (UR) or their representatives.
Which of the following is the most acceptable list of DIACAP team members are responsible for implementing DIACAP?
This question is now outdated since the DoD has moved to RMF as their accreditation mechanism. Under RMF the team members should include the AO (authorizing official), CA (certification authority), system owner, and user representative.
You are about to begin the diacap process where will the diacap team members be listed?
The first DIACAP document that lists the team members will usually be a document called the System Identification Profile (SIP).
Where will you find role descriptions for DIACAP team members?
DIACAP Knowledge Service.
Who should assist in implementing the diacap the iam or the iao or iaso?
The short answer is - YES. Both the IAM and the IAO have responsibilities in implementing DIACAP. Table E3.A1.T1 of DoDI 8500.2 states that the System Identification Profile must list the members of the DIACAP team, to wit: Identify the DIACAP Team (e.g., DAA, the CA, the DoD IS PM or SM, the DoD IS IAM, IAO, and UR. Note that BOTH the IAM and IAO are listed. The acronym IASO is synonymous with IAO.
Jim your organizations iam has been contacted by the program manager to assist in implementing the diacap Jim is not required to assist the pm in this activity and should pass this activity off t?
Both the IAM and the IAO have responsibilities in implementing DIACAP. Table E3.A1.T1 of DoDI 8500.2 states that the System Identification Profile must list the members of the DIACAP team, to wit: Identify the DIACAP Team (e.g., DAA, the CA, the DoD IS PM or SM, the DoD IS IAM, IAO, and UR. Note that BOTH the IAM and IAO are listed. The acronym IASO is synonymous with IAO. The IAM may delegate the actual work to the IAO/IASO but still has ultimate responsibility to see that the work gets done. They do not have sole responsibility however - the other listed team members also share the responsibility.
Where will find you find the role descriptions for DIACAP team members?
While DKO (Defense Knowledge Service) elaborates on the roles and responsibilities of DIACAP team members, the authoritative original source is in the DIACAP document: DoDI 8510.01. Section 5.15 details the role of the DAA. Section 5.16 details the role of the Program or System Manager. Section 5.17 details the role of the User Representative. Section 5.18 details the role of the IAM.
Where will the DIACAP team members be listed?
The roles are listed in DoDI 8510. Usually the names of those filling the roles will also be listed in the Certification and Accreditation Plan (C&A Plan)
What list of the DIACAP is the most acceptable for team members implementing DIACAP?
At a minimum the DIACAP Team includes the DAA, the CA, the DoD IS program manager (PM) or system manager (SM), the DoD IS IA manager (IAM), IA officer (IAO), and a user representative (UR) or their representatives.___DAA, CA, SIAO, PM, IAM, and IAO (or IASO)____From the sections below it would appear the list of individuals responsible for implementing DIACAP would be:SIAODAA (aka PAA)PMIAMIAO (as assigned by the IAM ) - note that the Army calls the IAO the IASOUR - depending on how you interpret paragraph 5,17.According to DoDI 8510.01 (DIACAP), paragraph 1.3, the DIACAP instruction:Establishes or continues the following positions, panels, and working groups to implement the DIACAP: the Senior Information Assurance Officer (SIAO), the Principal Accrediting Authority (PAA), the Defense Information Systems Network (DISN)/Global Information Grid (GIG) Flag Panel, the IA Senior Leadership (IASL), the Defense (previously DISN) IA Security Accreditation Working Group (DSAWG), and the DIACAP Technical Advisory Group (TAG).From this it can be inferred that individuals responsible for implementing DIACAP include:the SIAOthe PAA - which can be the DAABesides the SIAO and DAA - the sections of DoDI quoted below identify the other team members with responsibility to implement DIACAP:5.16. The Program Manager (PM) or System Manager (SM) for DoD ISs shall:5.16.1. Ensure that each assigned DoD IS has a designated IA manager (IAM) with the support, authority, and resources to satisfy the responsibilities established in Reference (d) and this Instruction.5.16.2. Implement the DIACAP for assigned DoD ISs.5.16.3. Plan and budget for IA controls implementation, validation, and sustainment throughout the system life cycle, including timely and effective configuration and vulnerability management.5.16.4. Ensure that information system security engineering is employed to implement or modify the IA component of the system architecture in compliance with the IA component of the GIG Architecture (Reference (c)) and to make maximum use of enterprise IA capabilities and services.5.16.5. Enforce DAA accreditation decisions for hosted or interconnected DoD ISs.5.16.6. Develop, track, resolve, and maintain the DIACAP Implementation Plan (DIP) for assigned DoD ISs.5.16.7. Ensure IT Security POA&M development, tracking, and resolution.5.16.8. Ensure annual reviews of assigned ISs required by FISMA are conducted.5.17. The DoD IS URs shall:5.17.1. Represent the operational interests of the user community in the DIACAP.5.17.2. Support the IA controls assignment and validation process to ensure user community needs are met.5.18. The IAMs, in addition to the responsibilities established in Reference (d), shall:5.18.1. Support the PM or SM in implementing the DIACAP.5.18.2. Advise and inform the governing DoD Component IA program on DoD ISs C&A status and issues.5.18.3. Comply with the governing DoD Component IA program information and process requirements.5.18.4. Provide direction to the IA Officer (IAO) in accordance with Reference (d).5.18.5. Coordinate with the organization's Security Manager
