Certification and Accreditation of Pontius Research Paper

Open, View, and/or
Download this Document

Total Length: 1275 words ( 4 double-spaced pages)

Total Sources: 5

Page 1 of 4

Security categorizations are defined as per the level of effort needed for certification. Three categorization levels of security exist and are defined as follows:

This table has the definitions the three main security categorizations degree of effort based on them

This table shows the required SSP sections that are needed for systems in each of security categorizations.

When the initiation phase comes to an end, then the certification phase commences.

Certification

06/01

In this phase, the team mandated with certification evaluates the entire information system in order to determine whether the security requirements have been satisfied. They then proceed to identify any deficiencies or vulnerabilities. The corrections of the deficiencies/vulnerabilities that are severe enough to prevent system operation from being approved are a responsibility of the System Owner

System Security Plan. The SSP must bear a reflection the current system status. If there are modifications to the system security controls due to the certification evaluation process, then the System Owner is supposed to update the SSP in order to reflect these modifications.

Security Assessment Report. This is the report compiled by thecertification team detailing the security evaluation, and the extent to which the idesigned nformation system can satisfy the security requirements.

Plan of Action and Milestones. This is a description of all the measures that are implemented or planned in order to correct the deficiencies and to reduce or eliminate totally the vulnerabilities. The System Owner then makes a documentation of the deficiencies/vulnerabilities that identified by the certification team. For the deficiencies or vulnerabilities that are not severe enough to require immediate solution, the System Owner then is forced to documents the corrective action that is planned for completion when the evaluated system gets a teemporary authorization in order to operate from the DAA.

When the certification phase ends and the System Owner is then ready to send the accreditation package to the DAA.

Stuck Writing Your "Certification and Accreditation of Pontius" Research Paper?

View All Our Example Certification and Accreditation of Pontius Research Paper

Have A Custom Example Essay Written

What begins next is the accreditation phase

Accreditation

The accreditation phase has the purpose to determining if the information system satisfies the security requirements sufficient to it to be allowed to operate. The System Owner then transmits the package for accreditation to the DAA. When the security accreditation package by the DAA, he or evaluates status of the system the makes a decision. The DAA can the issue decisions:

Authorization to Operate (ATO). The information system is given the go ahead to operate without any form of limitations or restrictions.

Interim Authorization to Operate (IATO). The information system is allowed to operate within limited period of time at a greater risk to PONTIUS, errors are corrected in the process.

Denial of Authorization to Operate (DATO). The information system is never allowed to operate.

Certification and Accreditation Flow chart

This drawing illustrates the four phases that are involved in a C & a processes as described in this document. Each phase is color coded so as to correspond to the first chart found that is found on this article paper......

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Certification And Accreditation Of Pontius" (2010, March 03) Retrieved May 18, 2024, from
https://www.aceyourpaper.com/essays/certification-accreditation-pontius-293

Latest MLA Format (8th edition)

Copy Reference
"Certification And Accreditation Of Pontius" 03 March 2010. Web.18 May. 2024. <
https://www.aceyourpaper.com/essays/certification-accreditation-pontius-293>

Latest Chicago Format (16th edition)

Copy Reference
"Certification And Accreditation Of Pontius", 03 March 2010, Accessed.18 May. 2024,
https://www.aceyourpaper.com/essays/certification-accreditation-pontius-293
   

Open, View, and/or
Download this Document
order custom essay example