The purpose of this Web page is to provide you with guidance about documenting your accreditation boundary. Knowing the accreditation boundary of your VTF is a very important part of protecting the information that is vital to your mission. For more information about your VTF’s accreditation boundary, please consult your organization’s policy and IA personnel.
What is an Accreditation Boundary?
According to the Committee on National Security Systems Instruction No. 4009, "National Information Assurance (IA) Glossary," as revised June 2006, the accreditation boundary identifies the information resources covered by an accreditation decision, as distinguished from separately accredited information resources that are interconnected or with which information is exchanged via messaging. The personnel that manage and utilize your information system are considered part of your information system’s accreditation boundary, though they are not considered part of the system itself.
Remember, if a resource is already a part of another accredited information system, it will not be inside the accreditation boundary of your VTF.
IA Responsibility & Accreditation Boundaries
According to Title 40, Subtitle III, Chapter 113, Subchapter II, Section 11312 of the Clinger-Cohen Act of 1996, the agency that funds an information system is responsible for assessing and managing the risks of that information system. Thus the organization that funded the VTF is responsible its information assurance.
Non DISA-Owned VTF Accreditation Boundary
If your VTF is not funded and owned by DISA, then it is not a part of the DISN Video Services (DVS) accreditation boundary. In this case, your organization needs to define the accreditation boundary of your VTF based on your organization’s guidelines. Then follow your organization’s DIACAP process, and/or the VTF DIACAP process as outlined in the VTF DIACAP page.
DISA-Owned VTF Accreditation Boundary
If your VTF is funded and owned by DISA, then your VTF is considered a part of the DVS information system’s accreditation boundary. In this case, you should follow the VTF DIACAP process as outlined in the VTF DIACAP page.
For more information about your accreditation boundary, check with your IA team, DISA Field Security Operations (FSO), your DAA representative, and DoD and DISA policy.