1.
PURPOSE
1.1.
Implements policy, assigns responsibilities, and prescribes procedures under
reference (a) for Certification
and Accreditation (C&A) of information technology (IT), including
automated information systems, networks, and sites in the Department of
Defense.
1.2.
Creates the DoD IT Security Certification and Accreditation Process
(DITSCAP) for security C&A of unclassified and classified IT to
implement references (a) through
(d).
1.3. Stresses the importance
of a life-cycle management approach to the C&A and reaccreditation of
DoD IT.
