The primary goal of MCGlobalTech’s Security Authorization (SA) Program is to ensure that Federal Agencies and Contractors are able to meet their customer’s needs with a well-defined SA process.  Thus, using the 80/20 rule, 80% of the needs of the stakeholders can be addressed in a clear and concise S&A process.  Systems enter a repeatable, established and fully documented S&A process, pass through the process using clearly defined procedures and exit consistently.  Drawing on our extensive experience, MCGlobalTech can address the remaining 20% of stakeholders needs by providing guidance and recommendations involving management, operational and technical controls and activities.

Accomplishments realized by MCGlobalTech’s SA program include the following:

  • System Baseline Security Requirements
  • Providing Stakeholders the ability to better measure the progress of SA engineering and re-engineering activities
  • Identifying and completing critical deliverables over a period of time in a systematic and rational manner
  • Obtaining feedback and deliverables acceptance prior to working on additional activities or deliverables
  • Ensuring resources are concentrated on completing tasks associated with the current phase, providing focus and advancing progress
  • Providing a model that can be published to stakeholders, detailing the organized flow of engineering/re-engineering activities being performed in SA Program
  • Standardization, consistency, efficacy and efficiency in initiating and completing Assessments and Authorizations

Critical components of MCGlobalTech’s SA program includes:

  • System Characterization (FIPS 199)NISTRMF
  • Security Self-Assessments (NIST SP 800-26)
  • Security Risk Assessments (NIST SP 800-30)
  • System Security Plans (NIST SP 800-18 and NIST SP 800-53)
  • Security Test and Evaluations (NIST SP 800-53)
  • Plan of Actions and Milestones (POA&M)