Certification and Accreditation
CNF has extensive experience in certification and accreditation support, from small to large enterprise, for both Classified and Unclassified Systems. CNF has conducted numerous on-site security validation activities for both government and commercial clients and have developed all required system security documentation. We are thoroughly familiar with the applicable Instructions and Directives that implements the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) for Federal Information Systems, and the policy mandates of the Federal Information Security Management Act (FISMA) requirements.
For each certification and accreditation activity we prepare the required Plan of Actions and Milestones (POA&M) that identifies the tasks that need to be accomplished to correct any security weaknesses found in systems. Additionally, we ensure the systems validation complies with the applicable Health Information Portability and Accountability Act (HIPAA), Privacy Act, Gramm-Leach-Bliley Act (GLBA), and proprietary requirements. CNF can assist your organization for all your certification and accreditation requirements.
CNF is fully prepared to transition from the Certification and Accreditation (C&A) process to the Assessment and Authorization (A&A) process utilized in the Defense Information Assurance Risk Management Framework (DIARMF) and NIST Risk Management Framework.
For more information on CNF Network Security and how we can help your company or organization, please contact us.