The following resources may help you better understand Certification and Accreditation:

• Certification and Accreditation 101 www.intranetjournal.com/articles/200406/ij_06_23_04a.html

• Clinger-Cohen Act of 1996 http://akss.dau.mil/DAG/Guidebook/IG_c7.8.asp

• Computer Fraud and Abuse Act of 1986 http://cio.doe.gov/Documents/CFA.HTM

• Computer Security Act of 1987 www.epic.org/crypto/csa/csa.html

• Critical Infrastructure Protection, GAO-01-1168T www.gao.gov/new.items/d011168t.pdf

• Director of Central Intelligence Directive 6/3, Protecting Sensitive Compartmented Information Within Information Systems Policy www.fas.org/irp/offdocs/DCID_6-3_20Policy.htm

• Director of Central Intelligence Directive 6/3, Protecting Sensitive Compartmented Information Within Information Systems Manual www.fas.org/irp/offdocs/DCID_6-3_20Manual.htm

• DoD Information Technology Security Certification & Accreditation Process (DITSCAP) http://iase.disa.mil/ditscap/

• Department of Homeland Security, National Response Plan, December 2004 www.dhs.gov/interweb/assetlibrary/NRP_FullText.pdf

• E-Government Act of 2002 www.whitehouse.gov/omb/egov/g-4-act.html

• Federal Information Processing Standards (FIPS) Publication 199, Standards for the Security Categorization of Federal Information and Information Systems http://csrc.nist.gov/publications/fips/fips199/FIPS-PUB-199-final.pdf

• Federal Information Processing Standards (FIPS) Publication 200, Minimum Security Requirements for Federal Information and Information Systems http://csrc.nist.gov/publications/fips/fips200/FIPS-200-finalmarch.pdf

• Federal Information Technology Security Assessment Framework www.cio.gov/archive/federal_it_security_assessment_framework.html

• Federal Manager s Financial Integrity Act of 1982 www.whitehouse.gov/omb/financial/fmfia1982.html

• Federal Preparedness Circular 65, July 1999 www.usaid.gov/policy/ads/100/fpc65899.pdf

• Homeland Security Presidential Directive (HSPD-7) www.whitehouse.gov/news/releases/2003/12/20031217-5.html

• National Information Assurance Certification and Accreditation Process www.nstissc.gov/Assets/pdf/nstissi_1000.pdf

• National Response Plan, December 2004 www.dhs.gov/interweb/assetlibrary/NRPbaseplan.pdf

• NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems http://csrc.nist.gov/publications/nistpubs/800-37/SP800-37-final.pdf

• Office of Management and Budget (OMB), Circular A-130, Appendix III www.whitehouse.gov/omb/circulars/a130/a130appendix_iii.html

• Presidential Decision Directive 63, Critical Infrastructure Protection www.fas.org/irp/offdocs/pdd-63.htm

• The Privacy Act of 1974 www.usdoj.gov/oip/privstat.htm