Summary

Certification and accreditation (C&A) are important elements in determining the information system security posture of commercial, industrial, and government IT systems. This chapter covered a number of processes that are available to support C&A, such as the Common Criteria, DIACAP, NIACAP, and DITSCAP. In addition, this chapter reviewed standards relevant to certification, along with the standardization bodies that produce them.

The chapter also discussed the importance of certifications to ensure secure operation of critical IT systems as threats evolve over time.

Finally, we reviewed the major certification types that are important to the e-commerce field and their relationship to each other.
