Certification and Accreditation (C&A)

TCAssociates understands the National and DoD certification and accreditation (C&A) processes, and can successfully execute the activities required by those guidelines (e.g., DoD Information Technology Security Certification and Accreditation Process (DITSCAP), National Information Assurance Certification and Accreditation Process (NIACAP), National Information Security Certification and Accreditation Process (NISCAP), the National Institute Standards and Technology (NIST) 800 series) and security best practices (i.e,. SANS)..  As necessary, we can tailor the C&A processes to the individual agency or site, identify the most effective accreditation option (e.g. site, system or type) and develop the appropriate security documentation (e.g. System Security Authorization Agreement (SSAA), Security Plan, Security Appendices).  We will work with you to define your security requirements, develop and execute the security test and evaluation (ST&E) and successfully complete your C&A.  The C&A activities may include a risk assessment utilizing NIST, NSA or local requirements, ST&E plan and procedures, and vulnerability assessments.  Our vulnerability assessments will be tailored to your needs, such as non-intrusive, penetration or periodic tests.  We can even provide post-accreditation maintenance of your infrastructure.  Our IA experts can provide the best C&A activities and support to meet your needs.