In many organizations, the Security Authorization (or C&A) process—an essential component of FISMA compliance and other regulations and standards—is time-consuming, costly, complex and inaccurate. Organizations are demanding a faster, simpler, more cost-effective way to create, manage and measure Security Authorization .

SecureInfo RMS simplifies and automates the Security Authorization process and enables organizations to reduce costs, create a standardizedSecurity Authorization program and provide ready access to consistent, quality Security Authorization packages for management reporting and Inspector General audits.SecureInfo RMS supports all phases of the NIST andDIACAP processes, and guides users through the steps necessary to create documentation and artifacts, including POA&Ms (Plan of Action and Milestones).  Using SecureInfoRMS, users develop or review all required documentation in days instead of the weeks or months it can take using traditional methods.  SecureInfo RMS also facilitates communications and sharing of critical information between agencies and departments, adding efficiencies to your Security Authorization processes, resulting in improved security practices.

SecureInfo RMS includes an unmatched content library that links and maps all federal, DoD, and Intelligence Community security requirements to applicable security controls. The SecureInfo RMS content library is continuously updated by our cybersecurity experts to ensure your organization is using the latest appropriate standards for information security risk management and compliance.  This content library can also be easily tailored and extended to meet agency specific information security policy objectives.

SecureInfo RMS Capabilities

• Collaborative Package Management™ – Automate and simplify Security Authorization process by enabling cybersecurityprofessionals to build, manage and collaborate on Security Authorization packages.
• Complete Content Traceability™ – Link regulations, standards, guidance, policies, controls, tests and test results for compliance tracking and reporting.
• Extensible Policy Framework™ – Easily add agency-specific requirements, policies and assessment content to meet unique agency requirements.
• Integrated Microsoft Word Editing – Work with documents using Microsoft Word directly from within RMS.  There’s no need to learn a proprietary editor or be constrained by web-based forms.
• Automated Scoring with SCAP – Import XCCDF Results output from leading third-party scanners to support Continuous Monitoring via automatic scorematching Security Authorization package control assessments.
• Full Text Search –Perform “Google-like” full text search across all accessible Security Authorization packages.
• Workflow– Graphically create workflows to guide users through the Security Authorization process from package creation to ATO.
• CAC/PIV Authentication and Digital Signatures -- Log in to RMS using X.509 smartcards or software certificates.  Sign packages using X.509 certificates, or 'attest' to packages for non-certificate users.
• Delegated Authentication – Delegate user authentication to an enterprise LDAP directory.
• Integrated POA&M Reporting and Management – Reduce time, effort and costs spent documenting and following up on remediation activities with integrated POA&Mand Security Authorization.
• iRTM (Interactive Requirements Traceability Matrix) – Streamline Security Authorization process with a single interface to score tests, identify security weaknesses, and recommend and document remediation activities.
• Integrate Vulnerability Database – Include up-to-date risk mitigation data in Security Authorization packages.
• SecureInfo RMS Dashboard – Gain enterprise-wide visibility and centrally manage and measure Security Authorization projects more effectively with web-based reporting.

More than 70 customers rely on SecureInfo RMS, including Department of Homeland Security, NASA, the United States Army and the United States Air Force.

Benefits

• Simplify and standardize FISMA (NIST , DIACAP) compliance
• Improve FISMA scorecards
• Reduce time required to complete Security Authorization packages by up to 40%
• Reduce internal and third party costs
• Improve cybersecurity security posture
• Maintain ongoing preparedness and situational awareness
• Increase performance visibility with centralized reporting
• Provide a consistent, repeatable, standardized, collaborative Security Authorization program

SecureInfo RMS services

Click here for more information.

---