the entire IS as necessary. Additionally, Certifiers must ensure that the recertification effort is
reported to the DAA for continued approval to operate.
Terminal Objective:
Given an information system, the System Certifiers will explain and apply a
recognized methodology leading to the security certification of that system in accordance
with a prescribed set of criteria (i.e., the International Common Criteria), and provide an
accreditation recommendation to the DAA for consideration in the accreditation decision.
To be acceptable, the certification must be performed in accordance with applicable
INFOSEC regulations, policies and guidelines.
List of Performance Items Under Competencies
In each of the competency areas listed below, the System Certifiers shall perform the
following functions:
1. DOCUMENTING MISSION NEED
a. Knowledge and/or Awareness of Security Laws
1) identify relevant nation-state security laws, treaties, and/or agreements;
2) interpret nation-state security laws, treaties, and/or agreements in relation
to mission accomplishment;
3) relate the identified nation-state security laws, treaties, and/or agreements
to the mission needs;
4) discuss identified nation-state security laws, treaties, and/or agreements
with involved site personnel; and
5) explain interpretation in support or denial of certification to involved site
personnel.
b. Coordination with Related Disciplines
1) identify the related disciplines required for accomplishing the IS
certification; and
2) discuss mission-specific discipline relationships and IS requirements with
involved site personnel.
c. Understand Mission
1) study the mission critical elements, to include system mission, functions,
and system interfaces;
2) verify that mission critical elements are completely identified (e.g.,
operational procedures and classification requirements);
3) confirm the mission description is complete as it relates to documented IS
needs, to include system life cycle;
4) discuss the interpretation of mission critical elements in support or denial of
certification with involved site personnel; and