We are sure that there will be questions about the how and why we did things, so please post comments/suggestions. The attached are sanitized samples from one of our previous engagements and while not the all encompassing end deliverable, they should provide a good starting point.

We are offering these up, at no charge, to try and help with what it really means to be DIACAP compliant. Our goal is to move the focus of IA into implementation and execution, not C&A automated tools or documentation circles. Like any template or automated tool, the information is only as good as the person writing it. The templates do not cure cancer, guarantee success or enable you to just paste in your system name--they give you a starting point.

Once we are finished posting our internal library, there should be no reason to spend money on automated solutions to produce C&A documentation, thus enabling you to spend your limited IA dollars more wisely by focusing on engineering secure and compliant solutions.

And of course, one caveat:

-Government Personnel, defined as Civil Service and Military personnel: Use, abuse and change the templates as much as you see fit. You are more than welcome to remove the "Template Developed by I-Assure, http://www.i-assure.com" text on the front page--but of course, it would be nice if you keep it .

-Contractors, defined as anyone not in the above category, that plans on using our templates to support their contracts with the Government: Modify the templates as you see fit, but you are required to keep the "Template Developed by I-Assure, http://www.i-assure.com" text on the front page.

NOTE: The below IA Controls are not present in the attached Artifacts
DCAR-1
ECDC-1
ECML-1
ECND-1, ECND-2
PEDD-1

	Post Attachments
	Audit_Design_Artifact.doc (6,545 views, 1.01 MB) Change_Control_Board_(CCB)_Charter_Artifact.doc (5,421 views, 133.00 KB) Contingency_and_Business_Continuity_Plan_(CBCP)_Artifact.doc (4,610 views, 187.00 KB) Cryptographic_Subsystem_Artifact.doc (4,391 views, 120.00 KB) IA_Acquisition_Artifact.doc (4,774 views, 114.00 KB) Identification_and_Authentication_Subsystem_Artifact.doc (4,882 views, 147.50 KB) Incident_Response_Plan_(IRP)_Artifact.doc (4,439 views, 272.50 KB) Interconnections_Artifact.doc (4,399 views, 105.00 KB) Personnel_Security_Artifact.doc (4,153 views, 907.00 KB) Physical_and_Environmental_Artifact.doc (4,650 views, 143.50 KB) Remote_Access_Artifact_Security.doc (3,804 views, 130.00 KB) Security_Design_Document_(SDD)_Artifact.doc (6,293 views, 238.00 KB) Security_Test_Plan_(STP)_Artifact.doc (5,437 views, 134.50 KB) Vulnerability_Management_(VMP)_Artifact.doc (4,709 views, 115.50 KB) Configuration_Management_Plan_(CMP)_Artifact_v1.1.doc (3,623 views, 415.50 KB)