Many inconsistencies and misconceptions exist throughout government and industry concerning what Information Assurance (IA) is and why it is important for training systems. What began as a vague concept creating a great deal of confusion has evolved into a mature, streamlined process resulting in increased levels of understanding and preparedness.
The paradigm has shifted; Program Managers and Engineers are now much more aware of the security requirements their systems must comply with to ultimately obtain authorization to operate. Throughout this familiarization process, which included awkward acronyms, cumbersome processes (DITSCAP), and antiquated artifacts (SSAA), the IA process evolved into a new breed: DIACAP. Immediately following this conversion, many complaints surfaced expressing well-founded concerns. If this question lurks in your mind: "I just started understanding DITSCAP, now there is the DIACAP, what does this mean to me?", then you will want to read this paper.
This paper responds directly to those concerns. It analyzes the DIACAP and addresses how the DIACAP ties into the program and acquisition schedule from cradle to the grave. The paper documents two proven IA methodologies, the preferred "Baked-in" approach and the alternative "Bolted-on" approach. Additionally, the five DIACAP activities, accreditation maintenance requirements, development of various artifacts, and identification of necessary tasks to ensure success are discussed. The paper increases understanding of the DIACAP evolution and identifies positive outcomes of each, including efficiencies realized, roles defined, more pertinent artifacts, and the change in type- vs. site-based accreditations.
IA is an ever-critical component that needs to be fully integrated into all information systems, which ensures that confidentiality, integrity, and availability are "Baked-in" and inherent in training devices. This paper will prove that the IA process has evolved into a proven, streamlined implementation ensuring training systems effectively and securely support three crucial Warfighter objectives: Learn. Train. Win!