Home - Services - Cybersecurity Risk Management Services

Security Authorization (C&A)

SecureInfo’s team of professionals has created, managed and/or assessedthousands of Security Authorization (or C&A) packages.Our goal when providing Security Authorization services is to mitigate cybersecurity risk and meetFISMA and other related requirements.  Our team of professionals is able to successfully achieve these goals based upon many years of successfully applying the latest standards, guidelines and/or directives including those provided by the Office of Management and Budget (OMB), the National Institute of Standards and Technology (NIST), the Department of Defense (DOD) and the Intelligence Community (IC).

SecureInfo has developed Security Authorization (or C&A) packages or completed comprehensive independent assessments for all types and sizes of information technology assets.  These systems include general support systems, major applications, networks classified at various levels, supervisory control & data acquisition systems (SCADA) and specialized networking or communications equipment. We know how to leverage inheritance and type accreditation techniques to reduce the burden associated with the Security Authorization process.  In fact we serve on policy making bodies to impact FISMA related programs across large parts of the federal government.

SecureInfo also provides independent assessmentor independent verification and validation (IV&V) services to evaluate the correctness and quality of Security Authorization work performed by internal resources or external contractors.  We perform assessments of System Security Plans and Security Categorization, verify that correct security controls are selected, create Security Assessment Plans, conduct Security Assessments (including vulnerability assessments) and create Security Assessment Reports for each system evaluated.

Benefits

  • Improve cybersecurity posture through the application of relevant regulations, standards and guidelines.
  • Simplify and standardize NIST, DIACAP and DoDIIS compliance
  • Meet FISMA requirements and improve FISMA scores by providing comprehensive, standardized, quality Security Authorization (C&A) documentation
  • Quickly build an effective, sustainable and affordable Security Authorization program

Click here for more information.