Page 30 - DCAP516_COMPUTER_SECURITY

Computer Security




such as a risk assessment or other study (e.g., certification), as deemed appropriate by the
accrediting official. The accrediting official needs to be in a position to analyze the pros and cons
of the cost of assurance, the cost of controls, and the risks to the organization. At the end of the
accreditation process, the accrediting official will be the one to accept the remaining risk. Thus,
the selection of assurance methods should be coordinated with the accrediting official.

In selecting assurance methods, the need for assurance should be weighed against its cost.
Assurance can be quite expensive, especially if extensive testing is done. Each method has
strengths and weaknesses in terms of cost and what kind of assurance is actually being delivered.
A combination of methods can often provide greater assurance, since no method is foolproof,
and can be less costly than extensive testing.

Notes  The accrediting official is not the only arbiter of assurance. Other officials who use
the system should also be consulted. (For example, a Production Manager who relies on a
Supply System should provide input to the Supply Manager.) In addition, there may be
constraints outside the accrediting official's control that also affect the selection of methods.
For instance, some of the methods may unduly restrict competition in acquisitions of
federal information processing resources or may be contrary to the organization's privacy
policies. Certain assurance methods may be required by organizational policy or directive.

3.3 Planning and Assurance

Assurance planning should begin during the planning phase of the system life cycle, either for
new systems or for system upgrades. Planning for assurance at the same time as other system
requirements makes sense: if a system is going to need extensive testing, it should be built to
facilitate such testing.

Planning for assurance helps a manager make decisions about what kind of assurance will be
cost-effective. If a manager waits until a system is built or bought to consider assurance, the
number of ways to obtain assurance may be much smaller than if the manager had planned for
it earlier, and the remaining assurance options may be more expensive.

3.4 Design and Implementation Assurance

Design and implementation assurance addresses whether the features of a system, application,
or component meet security requirements and specifications and whether they are
well designed and well built. It examines system design, development, and installation.
Design and implementation assurance is usually associated with the development/acquisition
and implementation phases of the system life cycle; however, it should also be considered
throughout the life cycle as the system is modified.

As stated earlier, assurance can address whether the product or system meets a set of security
specifications, or it can provide other evidence of quality. This section outlines the major
methods for obtaining design and implementation assurance.

Design and implementation assurance should be examined from two points of view: the
component and the system. Component assurance looks at the security of a specific product or
system component, such as an operating system, application, security add-on, or
telecommunications module. System assurance looks at the security of the entire system,
including the interaction between products and modules.






          24                                LOVELY PROFESSIONAL UNIVERSITY