Securing the United States against cyber-attack is one of the nation’s highest priorities. To achieve this goal, computer network defense systems and security operations teams must defend against a variety of internal and external threats. Many C&A processes do not align with the urgent needs of missions and the end users that are mandated to follow it, and in the end, do not completely assure that information systems are effectively secured to guard against the Advanced Persistent Threat. The primary goal of C&A is to obtain an Authority to Operate (ATO), and comply with the Office of Management and Budget (OMB) Federal Information Security Management Act (FISMA) of 2002 (i.e., Risk Management Framework (RMF) – National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37, R1, Guide for Applying the RMF to Federal Information Systems: A Security Life Cycle Approach).
ID has extensive experience, and a measurable track record, attaining accreditation for numerous information systems to include those operated by the Department of Defense (DOD) and Civilian Agencies. In addition, ID's engineering team consists of certified individuals with computer network defense (CND) subject-matter-expertise, and FISMA/DOD-compliant qualifications such as the CISSP, CISM and CAP. This experience, combined with certified quality employees, allows ID to streamline the C&A process so that mission needs always align with compliance requirements.