The National Information Assurance Certification and Accreditation Process (NIACAP) is the
minimum standard process for the certification and accreditation of computer and
telecommunications systems that handle U.S. national security information. Which of the following
participants are required in a NIACAP security assessment? Each correct answer represents a
part of the solution. Choose all that apply.
A.
Certification agent
B.
Designated Approving Authority
C.
IS program manager
D.
Information Assurance Manager
E.
User representative
Explanation:
The NIACAP roles are nearly the same as the DITSCAP roles. Four minimum
participants (roles) are required to perform a NIACAP security assessment: IS program manager:
The IS program manager is the primary authorization advocate. He is responsible for the
Information Systems (IS) throughout the life cycle of the system development. Designated
Approving Authority (DAA): The Designated Approving Authority (DAA), in the United States
Department of Defense, is the official with the authority to formally assume responsibility for
operating a system at an acceptable level of risk. Certification agent: The certification agent is also
referred to as the certifier. He provides the technical expertise to conduct the certification
throughout the system life cycle. User representative: The user representative focuses on system
availability, access, integrity, functionality, performance, and confidentiality in a Certification and
of the key participants in the DIACAP process.