You are here

Certification and Accreditation


Our approach to Information Assurance (IA)  Certification and Accreditation (C&A) is to apply the highest standard of IA processes to overcome cyber challenges. Our C&A methodology is fully compliant with the Federal Information Security Management Act (FISMA), Sarbanes-Oxley (SOX), and other standards and requirements. OpalSoft’s C&A engineers are well versed in the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and Enterprise Mission Assurance Support Service (eMASS) procedures that help our clients navigate through an increasingly complex Global Information Grid-centric environment.


Our IA resources have streamlined the C&A process to enable a smooth transition to the Risk Management Framework (RMF) Assessment and Authorization (A&A) process. We follow the Risk Management Framework as defined by NIST Special Publications 800-37, 800-53 and FIPS 199 / 200 to:

  • Categorize your information system in accordance with DoDI 8500.2
  • Select the baseline security controls
  • Implement the security controls
  • Determine the effectiveness of the implemented controls
  • Support the Assessment and Authorization (A&A) process
  • Continuously track changes to your information system that may affect security control effectiveness

FISMA Compliancy

Our IA engineers will ensure FISMA Compliancy by conducting annual reviews of your information security program, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely and efficient manner.