US Department of Defense Information Assurance: Achieving Successful DITSCAP with eZ publish as a Platform
Sunday 19 November 2006 8:23:00 am
- Public Law 100-235, "Computer Security Act of 1987", January 8, 1988
- Office of Management and Budget Circular No. A-130, "Management of Federal Information Resources", February 8, 1996
- Office of Management and Budget Circular No. A-123, "Management Accountability and Control", June 21, 1995
- DOD Directive 5000.1, "Defense Acquisition", March 15, 1996
- DOD Regulation 5000.2-R, "Mandatory Procedures for Major Defense Programs (MDAPS) and Major Automated Information System (MAIS) Acquisition Programs", November 4, 1996
- DOD Directive C-5200.5, "Communications Security (COMSEC)", Oct 6 1981
- DOD Instruction 5200.40 "DOD Information Technology Security Certification and Accreditation (C&A) Process (DITSCAP)", 30 December 1997
- DOD Directive 5220.22, "Industrial Security Program", November 1, 1986
- DOD Directive 8500.1, "Information Assurance", 24 October 2002
- DOD Directive 8500.2, "Information Assurance (IA) Implementation", 6 Feb October 2003
- DOD Manual 8510.1-M, "Department of Defense Information Technology Security Certification and Accreditation (C&A) Process (DITSCAP) Application Manual", 31 July 2000
- Federal Information Processing Standards (FIPS), Publication 31 "Guidelines for Automatic Data Processing Physical and Risk Management", June 1974
- Federal Information Processing Standards (FIPS), Publication 41 "Computer Security Guidelines for Implementing the Privacy Act of 1974", May 30, 1975
- Federal Information Processing Standards Publication 65, "Guideline for Automatic Data Processing Risk Analysis", August 1, 1993
- National Computer Security Center (NCSC) Technical Guide 031 (NCSC-TG-031), "The Certification and Accreditation Process Handbook for Certifiers", NCSC-TG-031, 1996
- National Computer Security Center (NCSC) Technical Guide 032 (NCSC-TG-032) "Accreditor Guideline", July 1972
- National Institute of Standards and Technology (NIST) Special Publication 800-6, "Automated Tools for Testing Computer System Vulnerability", December 1992
- National Institute of Standards and Technology (NIST) Publication 800-12, "An Introduction to Computer Security", October 1995
- National Security Administration (NSA) Manual DS-80, "INFOSEC Software Engineering Standards and Practices Manual", January 9, 1991
- National Security Telecommunications and Information Systems Security Instruction (NSTISSI) 4009, National Information Systems Security (INFOSEC) Glossary, August 1997
- Secretary of the Navy Instruction (SECNAVINST) 5239.3A, "Department of the Navy Information Security (INFOSEC) Program", 20 Dec 2004
- SECNAVINST 5510.30A (SECNAVINST 5510.30A), "Department of the Navy Personal Security Program", 10 Mar 1999
- SECNAVINST 5510.36 (SECNAVINST 5510.36), "Department of the Navy Information Security Program (ISP) Regulation", 17 Mar 1999
- Subsection 552a of Title 5, United States Code