
The DoD Information Assurance Certification and Accreditation Process (DIACAP) is the United States Department of Defense (DoD) process to ensure that risk management is applied to information systems (IS). DIACAP defines a DoD-wide formal and standard set of activities, general tasks and a management structure process for the certification and accreditation (C&A) of a DoD IS that will maintain the information assurance (IA) posture throughout the system's life cycle.
DIACAP is the result of an NSA-directed shift in the underlying security paradigm and succeeds its predecessor, DITSCAP.
One major change in DIACAP from DITSCAP is that it embraces information assurance controls (defined in DoDD 8500.1 and DoDI 8500.2) as the primary set of security requirements for all automated information systems (AISs). The IA controls are determined based on the system's mission assurance category (MAC) and confidentiality level (CL).
Diligent's team of senior and mid-level Information Engineers conducts full DIACAP C&A reviews on the required three-year cycle as well as the Federal Information Security Management Act (FISMA) mandated annual reviews.