Certification and Accreditation: A madmans dilemma - Controls

by Robert Edwards
Sept. 1, 2017 0 comments SANS Institute auditing & assessment

During the Certification and Accreditation of an Information System an organization defines what supporting documentation is needed in order to accredit the information system in question. But each accreditation process is different in that the requirements needed depends on what you are accrediting either a Major Application or a General Support System. But you still need to remember what exactly you are accrediting.

https://www.sans.org/reading-room/whitepapers/auditing/certification-accreditation-madmans-dilemm...