ACAT

Acquisition Category

FCA

Air Force Communications Agency

AIS

Automated Information System

AO

Authorizing Official, also known as the Designated Accrediting Authority

APMS

Army Portfolio Management Solution

ARPA

Advanced Research Project Agency

ATD

Authorization Termination Date

BMA

Business Mission Area

BRM

Business Reference Model

C&A

Certification & Accreditation

CA

Certifying Authority, also known as the Certification Agent

CCA

Clinger Cohen Act (of 1996)

CCB

Configuration Control Board

CCI

Configuration Control Item

CCP

Configuration Control Process

CCRB

Configuration Control Review Board; also called the CCB

CERT

Computer Emergency Response Team

CDD

Capabilities Development Document

CDS

Cross Domain Solutions

CIA

Confidentiality, Integrity and Availability

CIAO

Critical Infrastructure Assurance Office

CIO

Chief Information Officer

CISO

Chief Information Security Officer

CISS

Center for Information Systems Security

CM

Configuration Management

CMB

Configuration Management Board

CMP

Configuration Management Plan

CND

Computer Network Defense

CNSSI

Committee on National Security Systems Instruction

COI

Community of Interest

CONOPS

Concept of Operations

COOP

Continuity of Operations Plan

CPD

Capabilities Production Document

CR

Change Request

CSA

Computer Security Act (of 1987)

CSO

Chief Security Officer, often used interchangeably with CISO

DAA

Designated Approving Authority; Designated Accrediting Authority; also known as the Approving Official (AO)

DAA-R

Designated Accrediting Authority Representative

DADMS

Department of the Navy Application Database Management System

DCID

Director of Central Intelligence Directive

DDOS

Distributed Denial of Service

DHS

Department of Homeland Security

DIACAP

Department of Defense Information Assurance Certification &Accreditation Process (2007)

DIMA

Defense Intelligence Mission Area

DIP

DIACAP Implementation Plan

DISA

Defense Information Systems Agency

DISN

Defense Information Systems Network

DITPR

Department of Defense Information Technology Portfolio Repository

DITSCAP

Department of Defense Information Technology Information Technology Security Certification and Accreditation Process (1997)

DNI

Director of National Intelligence

DOD

Department of Defense

DODD

Department of Defense Directive

DODI

Department of Defense Instruction

DSB

Defense Science Board

DOS

Denial of Service

DSAWG

DOD IA Security Accreditation Working Group

EA

Enterprise Architecture

EIEMA

Enterprise Information Environment Mission Area

eMASS

Enterprise Mission Assurance Support Service

EITDR

Enterprise Information Technology Data Repository

EO

Executive Order

EPHI

Electronic Protected Health Information

FDCC

Federal Desktop Core Configuration

FEA

Federal Enterprise Architecture

FEMA

Federal Emergency Management Agency

FIPS

Federal Information Processing Standard

FISMA

Federal Information Security Management Act

ftp

File Transfer Protocol

GAO

Government Accounting Office

GIG

Global Information Grid

GISRA

Government Information Security Reform Act

GSS

General Support System

HSA

Homeland Security Act

IA

Information Assurance

IAM

Information Assurance Manager

IAO

Information Assurance Officer

IASE

Information Assurance Support Environment

IAVA

Information Assurance Vulnerability Alert

IASL

Information Assurance Senior Leadership

IC

Intelligence Community

ICD

Initial Capabilities Document

IG

Inspector General

IIHI

Individually Identifiable Health Information

IPT

Integrated Process Team

IS

Information System

ISA

Interconnection Security Agreement

ISAC

Information Sharing and Analysis Center

ISSE

Information Systems Security Engineering

ISSM

Information Systems Security Manager

IT

Information Technology

KS

Knowledge Service (DIACAP)

LAN

Local Area Network

LOE

Level of Effort

MA

Major Application

MA

Mission Area

MAC

Mission Assurance Category

MIS

Mission Impact Statement

MIT

Massachusetts Institute of Technology

MNS

Mission Needs Statement

NCSD

National Cyber Security Division

NIAC

National Infrastructure Assurance Council

NIPC

National Infrastructure Protection Center

NIST

National Institute of Standards and Technology

NSA

National Security Agency

NSD

National Security Directive

NSS

National Security System

NSTISSI

National Security Telecommunications and Information Systems Security Instruction

O&M

Operations & Maintenance

OMB

Office of Management and Budget

ORD

Operational Requirements Document

OS

Operating System

PAA

Principal Approving Authority; Principal Accrediting Authority; Primary Approving Authority

PC

Personal Computer

PDA

Personal Digital Assistant

PDD

Presidential Decision Directive

PIA

Privacy Impact Assessment

PII

Personally Identifiable Information

PL

Public Law

PM

Program Manager

POR

Program of Record

R&D

Research & Development

ROI

Return on Investment

ROSI

Return on Security Investment

RTM

Requirements Traceability Matrix

SAISO

Senior Agency Information Security Officer

SAR

Security Assessment Report

SC

Security Category

SCA

Security Controls Assessment

SDLC

System Development Life Cycle

SIP

System Identification Profile

SLA

Service Level Agreement

SLC

System Life Cycle

SME

Subject Matter Expert

SORN

System of Records Notice

SOW

Statement of Work

SP

Special Publication

SRS

System Requirements Specification

SRTM

Security Requirements Traceability Matrix

SSAA

System Security Authorization Agreement

SSP

System Security Plan (or Policy)

ST&E

Security Test and Evaluation

STIG

Security Technical Implementation Guide

TAG

Technical Advisory Group

T&E

Test and Evaluation

TCB

Trusted Computer Base

tcp

Transmission Control Protocol

TCSEC

Trusted Computer System Evaluation Criteria

UCDMO

Unified Cross Domain Management Office

UR

User Representative

USC

United States Code

WMA

Warfighting Mission Area