|
Compliance Assessment & Validation Services
Certification
and Accreditation (C&A)
Services
Our staff has extensive knowledge and hands on experience with the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), Department of Defense Information Technology Security Certification and Accreditation Process (DITSCAP), Director of Central Intelligence Directive 6/3 (DCID 6/3), National Information Assurance Certification and Accreditation Process (NIACAP) and a variety of other DoD Component and Federal specific C&A processes. Our personnel can provide any level of C&A services needed to obtain mandatory certification credentials. Our C&A services include, but are not limited to, definition, threat assessment, verification, validation, documentation, and delivery of draft or finalized documentation associated with all phases of C&A processes. Our vast experience includes support of fielded and developmental systems for both end customers and product vendors.
Under the DIACAP, we work closely with each customer to ensure success under each phase of the process, from development of an IA Implementation Plan and System Identification Profile (SIP), identification and mapping of baseline and any additional more restrictive IA controls, system registration, development of IA control test actions if unavailable through the Knowledge System, validation of IA controls, drafting an applicable Plan of Action and Milestones (POA&M), and the required (at least) annual validation of IA controls for the information system. We also provide hands on DIACAP training to our customers throughout the process and have CNSS Certified DIACAP training curriculum taught by experienced analysts to assist the customer with maintenance and revalidation of IA controls over the system’s lifecycle.
For our Air Force customers, we are also experienced and fully capable of assisting them in compliance with requirements for the IT Lean process, and developing and fielding Secure, Interoperable, Supportable, Sustainable and Usable (SISSU) information technology systems. Our personnel have extensive experience in supporting these specific programs from both hands on and policy development perspectives. In short, the DS3 C&A team is qualified, and immediately prepared to expertly conduct the full range of C&A related activities under a variety of formal DoD and Air Force C&A processes.
We have personnel assigned to government contracts at a wide number of customer locations who provide the full spectrum of C&A tasks and deliverables. We also have a large staff of full time C&A analysts and engineers at our corporate location available to conduct C&A support services for customers not requiring full time on-site C&A support. At any given time you’ll find this staff working a variety of C&A projects at both our facility and in customer premises, including overseas locations. Many customers in high cost areas or areas without a sizable presence of experienced C&A personnel find this a particularly valuable and cost saving option. Our full time corporate C&A staff also provide in-depth reach-back support for our personnel working at customer locations. When you bring DS3 to the table for C&A support services, you do not simply get the assigned personnel and their skills and experience, but the combined experience and talents of our entire C&A support staff.
In December 2006, we completed a comprehensive and resource intensive 14 month process to certify our C&A processes to Capability Maturity Model (CMM) Maturity Level 3 to codify and ensure continued improvement of our successful C&A services.
White Paper: 10 Tips on Cutting Costs for C & A
|
