Information Assurance Planning - Highlights

DITSCAP-qualified staff with 25 years combined experience in planning and performing
   DITSCAP activities on mission critical
   systems

Established DITSCAP/DIACAP-based
   methodology for conducting mission
   critical certification and accreditation
   (C&A)

Custom Software Certification &
   Accreditation Plan for certifying custom
   application software

  Custom-tailored enterprise-level risk
    assessment methodology

  IA policy/procedures
    development/implementation

  Development and Implementation of
    effective & appropriate IA Controls

  IA Policies / Procedures

  Complex architecture analysis
    integration facilitates True Defense in Depth IA Posture

Information Assurance Planning:  Example Projects

  Integrated Proven Anti-Tamper (AT) Processes into the Systems Development Lifecycle

  Ballistic Missile Defense System (BMDS) Information Assurance (IA) Cross-Element Test
    Planning (DIACAP)

  Ballistic Missile Defense System (BMDS) Multi-Element Integrative Risk Analysis

  Integrated Proven Anti-Tamper (AT) Processes into the Systems
    Development Lifecycle

• Saves Resources through AT integration into early stages of System Development Lifecycle

• Saves time to Deployment through elimination of delays for standalone AT planning , integration and approvals

Larger View Here
 

Problem: Complex multi-enterprise environment characterizes the singular military operational paradigm. Effective IA Test Design requires assessment of both technical and administrative controls that both converge and function independently.

Solution: Streamline IA Interface evaluations through effective DIACAP processes. Evaluate IA posture and perform risk analysis through interweaving and coordinated assessments of key interface points and critical components within the system of systems paradigm.

Multi-Element Integrative Risk Analysis

Problem: Risk Assessment within the System of Systems paradigm of BMDS presents challenges of aggregating dissimilar Component and Element risk profiles into a congruent, meaningful and accurate risk assessment at the overarching BMDS Level.

Solution: Define and implement structured Information Assurance process that provides a defendable, repeatable risk assessment of the BMDS System as a whole and relative risk assessments for constituent Elements.

Approach:

IA in a System of Systems:

Larger View Here

Benefits:

• Risk Posture assessed through a balanced analysis of both Consequence and Likelihood.  (tool ratings complemented through inclusion of likelihood measures and architectural considerations)
   
• Defined and repeatable methodologies within and between BMDS Elements yields consistent risk assessment measures for Types and Sites.
   
• Provides decision makers the tools to focus resources where risk is the greatest.