Network/System Certification and Accreditation (C&A)
Abstract
This activity sustains the Risk Management Framework (RMF) and Controls Validation Testing (CVT) activities, analysis of validation results, risk assessments, and reviews of proposed Program Manager/Information Assurance Manager (PM/IAM) Plans of Action and Milestones (POA&Ms) for MDA Command and Control, Battle Management and Communications (C2BMC) mission systems. It maintains the Certification and Accreditation (C&A) data repository, capturing the RMF documentation (artifacts, validation results, and Information Assurance Risk Assessment results, and Designated Approving Authority (DAA) accreditation decisions) and POA&M on all MDA information systems. This project supports the monitoring and tracking of Cybersecurity, mitigations detailed in Information Technology security POA&Ms. Activities include preparation of C&A documentation and accreditation recommendations to the MDA Senior Information Assurance Officer (SIAO)/Certification Authority (CA) and DAA. Independent Verification and Validation (IV&V) team actions ensure the availability, integrity, authentication, confidentiality, and non-repudiation of the MDA mission, test, and administrative systems. Activities in the Project are necessary to comply with the Federal Information Security Management Act (FISMA).
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2017
- Source ID
- 435d4406b83c514f1301f25437d77376