Certification & Accreditation Services
With thousands of C&A packages created and managed, SecureInfo’s C&A Services deliver the expertise and documentation you need to achieve FISMA C&A compliance, demonstrate that compliance to the Inspector General and mitigate information security risk.
SecureInfo C&A Services provide a thorough security assessment by our information assurance experts who build and deliver a comprehensive C&A package. The C&A package includes all the required documentation and reports detailing the plan and assessment results. It is prepared in accordance with agency needs, applicable standards such as NIST, DIACAP or DoDIIS and best practices.
SecureInfo develops all categories of accreditation packages – system accreditation, for major applications or general support systems; site certification/accreditation for systems and applications at specific self-contained locations; and type accreditation for systems or applications distributed across multiple locations.
SecureInfo takes advantage of SecureInfo RMS, our industry-leading C&A process automation product, to develop C&A packages. SecureInfo RMS simplifies and speeds the C&A process and enables our information assurance experts to provide consistent, comprehensive deliverables drawn from an extensive library of regulatory content.
SecureInfo also provides Independent Verification and Validation (IV&V) services to evaluate the correctness and quality of C&A work performed by internal resources or external contractors. We perform IV&V of System Security Plans and Security Categorization, verify that correct security controls are selected, create Security Assessment Plans, conduct Security Assessments and create Security Assessment Reports for each system tested. Our IV&V process ensures that C&A’s are standardized, correct and complete.
Benefits
- Simplify and standardize NIST, DIACAP and DoDIIS compliance
- Meet FISMA requirements and improve FISMA scores by providing comprehensive, standardized, quality C&A documentation
- Improve security posture by incorporating risk evaluation and risk mitigation recommendations
- Quickly comply and build a sustainable, affordable C&A program
"Just a note to thank you for the contractors from SecureInfo. We are extremely pleased with their efforts and their knowledge of the C&A process. Is there anyway we can keep them!?"
Project Manager,
Federal agency sub-division
