Learn more about establishing and maintaining a secure information environment...
War is always a product of its age; and information systems are one of the primary drivers of war in the age of information. The tools and tactics used to fight the information war have evolved with advances in technology. So, it is no wonder that the tools and tactics needed to defend critical information systems must also evolve.
Certification and Accreditation Process
One of the tools in the defense toolkit is the process known as Certification and Accreditation (C&A). C&A stretches across the Department of Defense (DoD), the Office of the Director of National Intelligence (DNI), the Committee on National Security Systems (CNSS), the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB).
It can be an extremely effective risk-based process in ensuring the implementation of the measures necessary to protect devices, systems and networks. It is therefore essential, for information security professionals to understand this huge and complex body of work, in order to establish and maintain a secure information environment.
New C&A practices reduce redundant activity
The new C&A practices will reduce redundant activity and unnecessary documentation, and will shorten the overall process that has historically affected DoD procurement. The new procedures will also ensure system certifications and accreditations accomplished by one agency are valid for all agencies.
A comprehensive and authoritative guide to C&A
‘The Definitive Guide to the C&A Transformation’ is the first comprehensive manual that sets out to explain the current standards and best practices. The book provides all the information needed to recognize, implement and manage the relevant authorization requirements, and therefore to achieve compliance with federal, local and agency laws and policies. Each chapter not only provides a list of related references but also offers recommendations for additional reading.
Ideal for security practitioners, system administrators, managers, standards developers, evaluators and testers, no other book provides such authoritative guidance on these emerging requirements.
About the Authors
The authors, Dr Julie Mehan and Waylon Krush, together offer more than 35 years of experience in developing C&A policies and, even more importantly, in actually providing hands-on help to organizations, ranging from large federal agencies to commercial entities, to successfully navigate the C&A process.
Start to establish and maintain a secure information environment and purchase this book today!