• SERVICES
• PRODUCTS
• DOING BUSINESS
• NEWS & EVENTS
• CAREERS

Cybersecurity C&A Software

What differentiates Dynetics AssuredCompliance™ from current approaches to C&A management?

Current Certification and Accreditation (C&A) Approach Using Manual Processes	Data-Centric Approach with Dynetics AssuredCompliance™
Top-down, rather than bottom-up Focuses on creating and storing documents Process not driven by dynamic data Duplicates data input at multiple locations Limited reuse of data across enterprise	Data-centric foundation Data input once, then flows throughout process, from SIP to C&A package Single, authoritative data source for C&A information
Discrete events, not continuous process C&A process not uniformly applied across enterprise, limiting intended value Data unavailable for continuous risk assessment	Built-in C&A workflows Facilitates proactive C&A management of information Drives process to meet key milestones Enables all participants (even novices) to contribute to and manage process
Little or no automation Labor- and time-intensive manual processes Limited to sharing and storing spreadsheets and documents — much manual labor involved Limited ability to share and output data	Easy creation and sharing of C&A data, documents, and reports Quick, easy SIP creation DIP, scorecard, Plan of Action and Milestone (POA&M), and FISMA report packages, on the fly Importation of legacy C&A data, plus sharing and output of data with other systems
Limited visibility into status and risks Disparate systems and reports effectively support decision making Difficult to see enterprise-wide C&A status, priorities, milestones, etc.	Enterprise visibility Tiered visibility into all systems being managed Dashboard provides real-time status of decision support data (certification, severity codes, risks accepted, actions, and milestones) Role-based, web-based access for all participants
Inefficient controls validation testing (CVT) process Vulnerability scan data in disparate formats, making analysis difficult and time-consuming CVT results not accessible throughout process Interview, documentation, and observation (IDO) phase inconsistently managed	CVT results integrated into process Vulnerability data from multiple network and host scanning tools normalized and formatted for analysis and use throughout C&A process Periodic rescanning scheduled and completed without sending out technicians Expert system guides IDO process, then provides consistent data for inclusion in C&A process

Back to Dynetics AssuredCompliance™

Dynetics Cybersecurity Solutions

For more information:
1.256.713.5020 or
1.800.922.9261, ext. 5020
assuredcompliance@dynetics.com

HEADQUARTERS: 1002 Explorer Boulevard|Huntsville, Alabama 35806|TEL: 256.964.4000
Copyright © 2003-2010 Dynetics. All rights reserved.
An employee-owned company|An equal opportunity employer