Our approach to Information Assurance (IA) Certification and Accreditation (C&A) is to apply the highest standard of IA processes to overcome cyber challenges. Our C&A methodology is fully compliant with the Federal Information Security Management Act (FISMA), Sarbanes-Oxley (SOX), and other standards and requirements. OpalSoft’s C&A engineers are well versed in the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and Enterprise Mission Assurance Support Service (eMASS) procedures that help our clients navigate through an increasingly complex Global Information Grid-centric environment.
Our IA resources have streamlined the C&A process to enable a smooth transition to the Risk Management Framework (RMF) Assessment and Authorization (A&A) process. We follow the Risk Management Framework as defined by NIST Special Publications 800-37, 800-53 and FIPS 199 / 200 to:
Our IA engineers will ensure FISMA Compliancy by conducting annual reviews of your information security program, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely and efficient manner.
In addition to our Network and Infrastructure Security Assessments expertise, our staff supports:
Over 80% of our engineers have achieved Certified Information System Security Professional (CISSP) certification and many maintain additional industry and product certifications including Global Information Assurance Certification (GIAC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and Qualified Data Assessor (QSA) certifications.