Mission Description/System Identification

1.1. Identification
1.2. System description
1.3. Functional description
1.4. System ConOps

Environment Description

2.1. Operating environment
2.2. Software development and maintenance
2.3. Threat description

System Architectural Descriptions

3.1. Hardware
3.2. Software
3.3. Firmware
3.4. Interfaces and external connections
3.5. Data flow
3.6. TAFIM DGSA security view
3.7. Boundary

ITSEC System Class

4.1. Interfacing mode
4.2. Processing mode
4.3. Attributing mode
4.4. Mission-reliance factor
4.5. Accessibility factor
4.6. Accuracy factor
4.7. Information categories
4.8. System class level
4.9. Certification analysis level

System Security Requirements

5.1. National/DoD security requirements
5.2. Governing security requisites
5.3. Data security requirements
5.4. Security ConOps
5.5. Network connection rules
5.6. Configuration and change management
5.7. Reaccreditation requirements

Organizations and Resources

6.1. Identification of organizations
6.2. Resources
6.3. Training for certification team
6.4. Roles and responsibilities
6.5. Other supporting groups

DITSCAP Plan

7.1. Tailoring factors
7.2. Tasks and milestones
7.3. Schedule summary
7.4. Level of effort
7.5. Roles and responsibilities