Medical and Public Health Law Site
DoD Directives

TITLE:  DoD Instruction 5200.40, "DoD Information Technology Security Certification and Accreditation Process (DITSCAP)", 12/30/1997

SUMMARY: This Instruction: 1. Implements policy, assigns responsibilities and prescribes procedures under DoD Direct 5200.28, March 21, 1988 for Certification and Accreditation (C&A) of information technology (IT), including automated information systems, networks, and sites in the Department of Defense. 2. Creates the DoD IT Security Certification and Accreditation Process (DITSCAP) for security C&A of unclassified and classified IT to implement DoD Directive 5200.28, March 21, 1988; Public Law 100-235, January 8, 1988; Office of Management and Budget Circular No. A-130, February 8, 1996; director of Central Intelligence 1/16, March 14, 1988. 3. Stresses the importance of a life-cycle management approach to the C&A and reaccredidation of DoD IT.

FILES: Select a Format

SGML (187 KB)  PDF (431 KB)  ASCII (132 KB)