Certification and Accreditation

DIACAP

Our approach to Information Assurance (IA) Certification and Accreditation (C&A) is to apply the highest standard of IA processes to overcome cyber challenges. Our C&A methodology is fully compliant with the Federal Information Security Management Act (FISMA), Sarbanes-Oxley (SOX), and other standards and requirements. OpalSoft’s C&A engineers are well versed in the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and Enterprise Mission Assurance Support Service (eMASS) procedures that help our clients navigate through an increasingly complex Global Information Grid-centric environment.

DIARMF

Our IA resources have streamlined the C&A process to enable a smooth transition to the Risk Management Framework (RMF) Assessment and Authorization (A&A) process. We follow the Risk Management Framework as defined by NIST Special Publications 800-37, 800-53 and FIPS 199 / 200 to:

  • Categorize your information system in accordance with DoDI 8500.2
  • Select the baseline security controls
  • Implement the security controls
  • Determine the effectiveness of the implemented controls
  • Support the Assessment and Authorization (A&A) process
  • Continuously track changes to your information system that may affect security control effectiveness

FISMA Compliancy

Our IA engineers will ensure FISMA Compliancy by conducting annual reviews of your information security program, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely and efficient manner.

  • Perform vulnerability assessments to evaluate the strength of your organization's defense against attacks
  • Prepare reports to assist and guide you on how to prepare and react to incidents
  • Perform security testing and attempt to circumvent your system security features in order to pinpoint weaknesses

FISMA Compliance Certification

In addition to our Network and Infrastructure Security Assessments expertise, our staff supports:

  • Design and architecture of security solutions
  • Review and development of security policies
  • Certification and Accreditation for FISMA compliance

Over 80% of our engineers have achieved Certified Information System Security Professional (CISSP) certification and many maintain additional industry and product certifications including Global Information Assurance Certification (GIAC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and Qualified Data Assessor (QSA) certifications.