Options
Diacap
Figured I would give this a shot here, I tried checking out some DIACAP groups on LinkedIn but found nothing useful.
I was given a DIACAP project here at work a couple of weeks ago. We are getting SIPR network access at three facilities and already have the approval letter from the US Army to start the whole DIACAP process. I am the only one here with DIACAP experience which consists of doing technical C&A work on servers none of the other stuff that is involved. I have a general idea what is involved but am not sure how to "google" a couple of things and was hoping somebody here had experience in this certifying field.
I have all the DOD PDF files I need and some POA&M templates and working on an outline to present to the President of the company next week to figure out labor hours, costs, etc.
With the POA&M I have templates but am wondering if the vulnerabilities are exported from Gold Disk or do I have to manually enter each finding into the template
I am just stuck on some really easy, obivous things and maybe I am just blind.
I understand the STIG,IAVA requirements for the equipment but am having a hard time finding physical security requirements for our departments.
The DOD requirements are word heavy and light on actual specific facts, specs....
I ended up having to reschedule my CISA exam because I am buried under a pile of PDFs and burning up the work internet googling anything and everything. And I also have to learn how to add Cisco 2811s for each area so at least I can learn something new.
I was given a DIACAP project here at work a couple of weeks ago. We are getting SIPR network access at three facilities and already have the approval letter from the US Army to start the whole DIACAP process. I am the only one here with DIACAP experience which consists of doing technical C&A work on servers none of the other stuff that is involved. I have a general idea what is involved but am not sure how to "google" a couple of things and was hoping somebody here had experience in this certifying field.
I have all the DOD PDF files I need and some POA&M templates and working on an outline to present to the President of the company next week to figure out labor hours, costs, etc.
With the POA&M I have templates but am wondering if the vulnerabilities are exported from Gold Disk or do I have to manually enter each finding into the template
I am just stuck on some really easy, obivous things and maybe I am just blind.
I understand the STIG,IAVA requirements for the equipment but am having a hard time finding physical security requirements for our departments.
The DOD requirements are word heavy and light on actual specific facts, specs....
I ended up having to reschedule my CISA exam because I am buried under a pile of PDFs and burning up the work internet googling anything and everything. And I also have to learn how to add Cisco 2811s for each area so at least I can learn something new.