https://community.isc2.org/t5/Exam-Preparation/Need-Assistance-in-Understanding-Difference-Between/m-p/39834#M3253 &gt; mitewarrior (Viewer) posted a new topic in Exam Preparation on 10-08-2020 02:13<BR /><BR />&gt; I just<BR />&gt; wanted to understand on the difference between Certification and Accreditation.<BR /><BR />Certification (of a system, not a security professional) is the process of testing<BR />and assessment to ensure that the system does what it is supposed to do, and will<BR />have the impact on security, and provide the protection, that the<BR />client/customer/system owner expects. (Certification may be part of the<BR />assurance requirements for security overall, and may be based on the functional<BR />requirements.)<BR /><BR />Accreditation is the formal acceptance, by senior management or the system<BR />owner, of the system. In a perfect world, one would expect accreditation to rely<BR />on certification. However, there are cases where senior management may accredit<BR />a system where certification has taken place, or refuse to accredit a system that<BR />has passed certification.<BR /><BR />======================<BR />rslade@gmail.com rmslade@outlook.com rslade@computercrime.org<BR />"If you do buy a computer, don't turn it on." - Richards' 2nd Law<BR />"Robert Slade's Guide to Computer Viruses" 0-387-94663-2<BR />"Viruses Revealed" 0-07-213090-3<BR />"Software Forensics" 0-07-142804-6<BR />"Dictionary of Information Security" Syngress 1-59749-115-2<BR />"Cybersecurity Lessons from CoVID-19" CRC Press 0367682699<BR />============= for back issues:<BR />[Base URL] site <A href="http://victoria.tc.ca/techrev/" target="_blank">http://victoria.tc.ca/techrev/</A><BR />CISSP refs: [Base URL]mnbksccd.htm<BR />PC Security: [Base URL]mnvrrvsc.htm<BR />Security Dict.: [Base URL]secgloss.htm<BR />Security Educ.: [Base URL]comseced.htm<BR />Book reviews: [Base URL]mnbk.htm<BR />[Base URL]review.htm<BR />Partial/recent: <A href="http://groups.yahoo.com/group/techbooks/" target="_blank">http://groups.yahoo.com/group/techbooks/</A><BR /><A href="http://en.wikipedia.org/wiki/Robert_Slade" target="_blank">http://en.wikipedia.org/wiki/Robert_Slade</A><BR /><A href="https://is.gd/RotlWB" target="_blank">https://is.gd/RotlWB</A> <A href="http://twitter.com/rslade" target="_blank">http://twitter.com/rslade</A><BR /><A href="http://blogs.securiteam.com/index.php/archives/author/p1/" target="_blank">http://blogs.securiteam.com/index.php/archives/author/p1/</A> Thu, 08 Oct 2020 18:37:01 GMT rslade 2020-10-08T18:37:01Z https://community.isc2.org/t5/Exam-Preparation/Need-Assistance-in-Understanding-Difference-Between/m-p/39833#M3252 <P>Am really sorry if this post is not at all related to this forum as i have recently joined so am not sure exactly on the terms. But i just wanted to ask a question to be clarified regarding my CISSP exam preperation.<BR />I just wanted to understand on the difference between Certification and Accreditation. If a person "A" designing and evaluating a system in a environment does not report correctly and the same report goes to the management for accreditation review and for some unfortunate reasons the system fails so the onus would be on the management who had signed it or on the person "A" who had missed to report the details evaluated correctly.</P> Thu, 08 Oct 2020 18:13:11 GMT https://community.isc2.org/t5/Exam-Preparation/Need-Assistance-in-Understanding-Difference-Between/m-p/39833#M3252 mitewarrior 2020-10-08T18:13:11Z https://community.isc2.org/t5/Exam-Preparation/Need-Assistance-in-Understanding-Difference-Between/m-p/39834#M3253 &gt; mitewarrior (Viewer) posted a new topic in Exam Preparation on 10-08-2020 02:13<BR /><BR />&gt; I just<BR />&gt; wanted to understand on the difference between Certification and Accreditation.<BR /><BR />Certification (of a system, not a security professional) is the process of testing<BR />and assessment to ensure that the system does what it is supposed to do, and will<BR />have the impact on security, and provide the protection, that the<BR />client/customer/system owner expects. (Certification may be part of the<BR />assurance requirements for security overall, and may be based on the functional<BR />requirements.)<BR /><BR />Accreditation is the formal acceptance, by senior management or the system<BR />owner, of the system. In a perfect world, one would expect accreditation to rely<BR />on certification. However, there are cases where senior management may accredit<BR />a system where certification has taken place, or refuse to accredit a system that<BR />has passed certification.<BR /><BR />======================<BR />rslade@gmail.com rmslade@outlook.com rslade@computercrime.org<BR />"If you do buy a computer, don't turn it on." - Richards' 2nd Law<BR />"Robert Slade's Guide to Computer Viruses" 0-387-94663-2<BR />"Viruses Revealed" 0-07-213090-3<BR />"Software Forensics" 0-07-142804-6<BR />"Dictionary of Information Security" Syngress 1-59749-115-2<BR />"Cybersecurity Lessons from CoVID-19" CRC Press 0367682699<BR />============= for back issues:<BR />[Base URL] site <A href="http://victoria.tc.ca/techrev/" target="_blank">http://victoria.tc.ca/techrev/</A><BR />CISSP refs: [Base URL]mnbksccd.htm<BR />PC Security: [Base URL]mnvrrvsc.htm<BR />Security Dict.: [Base URL]secgloss.htm<BR />Security Educ.: [Base URL]comseced.htm<BR />Book reviews: [Base URL]mnbk.htm<BR />[Base URL]review.htm<BR />Partial/recent: <A href="http://groups.yahoo.com/group/techbooks/" target="_blank">http://groups.yahoo.com/group/techbooks/</A><BR /><A href="http://en.wikipedia.org/wiki/Robert_Slade" target="_blank">http://en.wikipedia.org/wiki/Robert_Slade</A><BR /><A href="https://is.gd/RotlWB" target="_blank">https://is.gd/RotlWB</A> <A href="http://twitter.com/rslade" target="_blank">http://twitter.com/rslade</A><BR /><A href="http://blogs.securiteam.com/index.php/archives/author/p1/" target="_blank">http://blogs.securiteam.com/index.php/archives/author/p1/</A> Thu, 08 Oct 2020 18:37:01 GMT https://community.isc2.org/t5/Exam-Preparation/Need-Assistance-in-Understanding-Difference-Between/m-p/39834#M3253 rslade 2020-10-08T18:37:01Z