0
According to DoD 8510.01 (DIACAP), paragraph 5.16.8, the Program Manager (PM) or System Manager (SM) shall:
"Ensure annual reviews of assigned ISs required by FISMA are conducted."
So reviews must occur at least once a year.
Wiki User
∙ 12y ago
Add your answer:
Earn +20 pts
How many years does your DIACAP requires you to review your IA posture?
DIACAP requires you to review your IA posture at least annually for as long as the system is in operation (or every 6 months if it is a MAC I system).
DIACAP requires you to review your IA posture?
Yes - DIACAP requires you to review your IA posture. DoDI 8510.2 (DIACAP) and DoDI 8500.2 both require that the IA posture of all systems belonging to an organization must be reviewed at least once a year. Furthermore, the system must be assessed and undergo reaccreditation by the Principal Accredditation Authority (PAA) - which generally means the DAA - at least every 3 years.
The dod instruction which covers diacap states that the ia posture of an organization will be reviewed every two?
No - DIACAP required that the posture be at least partially reviewed every year (for the Annual Security Review - aka ASR) except for very sensitive systems that must be reviewed more often - usually every six months. A comprehensive review is required every 3 years under DIACAP.
What covers DIACAP states that the IA posture of an organization will be reviewed every two years?
DIACAP (DoD 8510.01) requires organizations to abide by DoDI 8500.2. Paragraph 4.9 of 8500.2 states:4.9. All DoD ISs with an authorization to operate (ATO) shall be reviewed annually to confirm that the IA posture of the IS remains acceptable. Reviews will include validation of IA controls and be documented in writing.Note that it is the IA posture of the SYSTEM that is reviewed rather than the organization and that the review is EVERY YEAR, not just every 2 years.
How many times do you take DIACAP?
A DIACAP review has to be executed for every new system, for every major change to an existing system, and at least every 3 years for any currently accredited system.
IA posture of an organization will be reviewed every two years?
For US DoD systems: under DIACAP, the IA posture of an organization should be reviewed at least annually. All systems must undergo a complete review at least every 3 years but should also undergo at least a partial review every year (annual security review). More sensitive and more critical systems may be required to undergo review more often - some as often as every 6 months. NIST recommends pretty much the same.
How often does DIACAP require you to review the IA posture of your system?
According to DODI 8510.01 (DIACAP), paragraph 4.9:"All DoD ISs with an authorization to operate (ATO) shall be reviewed annually to confirm that the IA posture of the IS remains acceptable. Reviews will include validation of IA controls and be documented in writing."Note that in the case of a MAC I system, the reviews should occur semi-annually, i.e. every six months.
The dod instuction which covers diacap states that the ia posture of an organization will be reviewed every two years?
FalseThe relevant DoD Instruction is DoDI 8500.2, but it should be noted that the IA posture must be reviewed at least once a year, not just every two years.DoDI 8510.2 (DIACAP) also cites DoDI 8500.2, which requires that the IA posture of all systems belonging to an organization must be reviewed at least once a year.Furthermore, the system must be assessed and undergo reaccreditation by the Principal Accredditation Authority (PAA) - which generally means the DAA - at least every 3 years.
The dod instruction which covers diacap states that the ia posture of an organization will be reviewed every two years?
There is NO DoD instruction that states that IA posture gets reviewed every two years; the relevant DoD Instruction is DoDI 8500.2, but it states that the IA posture must be reviewed at least once a year, not just every two years.DoDI 8510.2 (DIACAP) also cites DoDI 8500.2, which requires that the IA posture of all systems belonging to an organization must be reviewed at least once a year.Furthermore, the system must be assessed and undergo reaccreditation by the Principal Accredditation Authority (PAA) - which generally means the DAA - at least every 3 years.
Does DIACAP state that the IA posture of an organization will be reviewed every two years?
DoDI 8510.2 and DoDI 8500.2 require that the IA posture of all systems belonging to an organization must be reviewed at least once a year. Furthermore, the system must be assessed and undergo reaccreditation by the Principal Accredditation Authority (PAA) - which generally means the DAA - at least every 3 years.
Does DIACAP state that the information assurance posture of a organization will be reviewed every two years?
DoDI 8510.2 and DoDI 8500.2 require that the IA posture of all systems belonging to an organization must be reviewed at least once a year. Furthermore, the system must be assessed and undergo reaccreditation by the Principal Accredditation Authority (PAA) - which generally means the DAA - at least every 3 years.
Does an IA posture of an organization have to be reviewed every two years?
According to DoD regulations, the IA posture of any DoD organization must be reviewed at least annually. FISMA requires that the IA posture of all US government organizations be reviewed at least annually. Many other nations have adopted similar requirements for organizations that they regulate. It should be noted however that the IA postures of paticularly sensitive and/or critical systems need to be reviewed more frequently - perhaps twice a year or even more often depending on the system.
