Abstract :
Certification and accreditation (C&A) is considered by many to be one of the greatest challenges to information technology (IT) program scheduling and timely mission support. The Systems Security Engineering and Assurance (SSEA) approach combines controlled design, development, integration, testing, and operational maintenance engineering and embedded information assurance (IA) engineering to implement manageable, predictable and on-schedule C&A. This paper explores the definition and coordination of 16 activities integrating IA engineering, C&A activities and milestones, network operational planning, accreditation planning, connection activities and approval and IA operational management and maintenance. SSEA is embedded within and supports critical linkages among the engineering quality, control, development, integration, testing, and operational maintenance tasks.
Keywords :
information technology; security of data; systems engineering; accreditation planning; certification and accreditation; connection activity; embedded information assurance engineering; engineering quality; information assurance maintenance; information assurance operational management; information technology program scheduling; network operational planning; operational maintenance engineering; systems security assurance; systems security engineering; timely mission support; Accreditation; Certification; Control systems; Design engineering; Engineering management; Information security; Information technology; Maintenance engineering; System testing; Systems engineering and theory;