Assessment and Authorization (A&A):
Our team covers the entire cycle of the risk management framework from categorization, selection of security controls, implementation, assessing, authorizing, and continuous monitoring. We make sure that selected security controls are adequate, appropriate, implemented correctly and operating as intended, as defined in the NIST Special Publications 800-53 series.
Our team develops all kinds of supporting documentation, such as Security Assessment Reports, Security Assessment Plans, System Security Plans, Authorization to Operate (ATO) memorandums, Security Test & Evaluation, Risk Assessment Reports, Privacy Impact Assessments, and Agency-specific documentation.