• Classroom
  • Online, Instructor-Led

The 4-day course provides an in-depth review of the DIACAP, DoD Risk Management Framework (RMF) and DON DIACAP Handbook processes and procedures. Each activity in the DIACAP life cycle process is covered in detail and requirements to complete a DIACAP Implementation Plan (DIP), Systems Identification Profile (SIP), Plan of Actions and Milestones (POA&M), Certification Determination (CD) and other DON templates. The course includes printed training manual, lab exercises to include the completion of a sample DIACAP package that meets Navy CA requirements, and a comprehensive CD that includes the latest DON templates, NIST - DoD approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. Also, each student will complete the application to become a Navy Validator.

Learning Objectives

Day 1

  • Course Introduction
  • Roles and Responsibilities
  • Rules, Regulations and Guidance
  • Risk Management
  • Certification and Accreditation
  • Overview DIACAP Process
  • MAC Level
  • Confidentiality Levels
  • IA Controls
  • DIACAP Activity 1 Initiate and Plan C&A
  • Information System Types
  • System Registration
  • Assigning IA Controls
  • Assemble DIACAP Team
  • Initiate DIACAP Implementation Plan

Day 2

  • DIACAP Activity 2 Implement and Validate
  • Execute DIACAP Implementation Plan
  • Conduct Validation
  • Compile Validation and Results
  • Retina Scans and Gold Disk
  • DIACAP Activity 2 (continued)
  • Mapping IA Controls
  • Implementation/Validation Plan/Validation Report
  • Scorecard
  • POA&M
  • e-Mass
  • Activity 2 Review
  • DIACAP Activity 3 Certification Process
  • Certification and Determination (CD)

Day 3

  • DIACAP Activity 4 Maintain Authorization to Operate and Conduct Review
  • DIACAP Activity 5 Decommission
  • DIACAP to DIARMF transition (DoD 8510.01Risk Management Framework)

Day 4

  • DIARMF transition (DoD 8510.01Risk Management Framework) cont’d
  • Introduction to NIST 800-53 Rev 4. Recommended Security Controls
  • Introduction to NIST 800-37 Guide to Applying the Risk Management Framework
  • DIACAP controls vs NIST Controls
  • Navy Validator Information

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.