The VTF DIACAP Scorecard Matrix is the most efficient and effective way to translate DISA STIG Checklist assessment results into a completed DIACAP Scorecard for your VTF information system. The Scorecard Matrix also shows the total number of CAT I, CAT II, and CAT III vulnerabilities in your system.
If you are using an automated process like eMass, then the completed Scorecard Matrix can be used as an artifact to summarize your information system's compliance status with all applicable STIG and 8500.2 requirements.
Download VTF DIACAP Scorecard Matrix Instructions
Download the VTF DIACAP Scorecard Matrix instructions (MS PowerPoint, 3,748KB)
Download VTF DIACAP Scorecard Matrix
There are several Scorecard Matrices. Which Scorecard Matrix you need depends on:
- The Mission Assurance Category (MAC) and Confidentiality Level (CL) of your VTF
- The type of connectivity you need (IP and/or ISDN)
- The type of equipment you have inside the accreditation boundary of your VTF
- Advice from your Certification Authority (CA)
If you are uncertain about the items listed above, please return to Steps 1, 2, and 3 of the VTF DIACAP process.
If your VTF utilizes only IP or both IP and Dial-Up:
MAC I Classified Scorecard Matrix for IP & ISDN (MS Excel, 907KB)
MAC II Classified Scorecard Matrix for IP & ISDN (MS Excel, 924KB)
MAC III Classified Scorecard Matrix for IP & ISDN (MS Excel, 922KB)
If your VTF utilizes only Dial-Up:
MAC I Classified Scorecard Matrix for ISDN (MS Excel, 571KB)
MAC II Classified Scorecard Matrix for ISDN (MS Excel, 585KB)
MAC III Classified Scorecard Matrix for ISDN (MS Excel, 574KB)