DIACAP

The DoD Information Assurance Certification and Accreditation Process (DIACAP) is the US Department of Defense process to ensure the management of risks on Information Systems (IS). The policy is applied to information systems of DoD- related units and contractors. The DLP aspect of the policy applies to combinations of Personally Identifiable Information (like social security number or credit card number) with sensitive private information, such as health conditions, names of crimes, and ethnicities, to promote compliance with DoD Privacy Program (DoD 5400.11-R) and Privacy of Health Information in DoD Health Care (DoD 6025.18). Additional rules detect confidential information about the corporate network, and confidential documents, according to DoD 8520.1 - Protection of Sensitive Compartmented Information (SCI). This regulation was deprecated in 2014 and replaced by "Risk Management Framework for DoD Information Technology". The transition to the new regulation must be done before the end of 2016. The rules for this policy are:

  • DIACAP: DoD 5400.11-R - Name and Crime
  • DIACAP: DoD 5400.11-R - Name and Ethnicity
  • DIACAP: DoD 5400.11-R - Name and SSN
  • DIACAP: DoD 5400.11-R - SSN and Crime
  • DIACAP: DoD 5400.11-R - SSN and Ethnicity
  • DIACAP: DoD 6025.18 - CCN and Sensitive Disease or drug
  • DIACAP: DoD 6025.18 - Name and Common Medical Condition (Default)
  • DIACAP: DoD 6025.18 - Name and Common Medical Condition (Narrow)
  • DIACAP: DoD 6025.18 - Name and Sensitive Disease (Default)
  • DIACAP: DoD 6025.18 - Name and Sensitive Disease (Narrow)
  • DIACAP: DoD 6025.18 - SSN and Sensitive Disease or Drug
  • DIACAP: DoD 8520.1 - Confidential Document
  • DIACAP: DoD 8520.1 - Proprietary in Header or Footer
  • DIACAP: DoD 8520.1 - Password Dissemination for HTTP Traffic (Wide)
  • DIACAP: DoD 8520.1 - Password Dissemination for HTTP Traffic (Default)
  • DIACAP: DoD 8520.1 - Password Dissemination for HTTP Traffic (Narrow)
  • DIACAP: DoD 8520.1 - Password Dissemination for non-HTTP/S Traffic (Wide)
  • DIACAP: DoD 8520.1 - Password Dissemination for non-HTTP/S Traffic (Default)
  • DIACAP: DoD 8520.1 - Password Dissemination for non-HTTP/S Traffic (Narrow)
  • DIACAP: Network Information and Security (Pattern and IP)
  • DIACAP: Network Information and Security (Textual Pattern)