The primary goal of MCGlobalTech’s Security Authorization (SA) Program is to ensure that Federal Agencies and Contractors are able to meet their customer’s needs with a well-defined SA process.  Thus, using the 80/20 rule, 80% of the needs of the stakeholders can be addressed in a clear and concise S&A process.  Systems enter a repeatable, established and fully documented S&A process, pass through the process using clearly defined procedures and exit consistently.  Drawing on our extensive experience, MCGlobalTech can address the remaining 20% of stakeholders needs by providing guidance and recommendations involving management, operational and technical controls and activities.

Accomplishments realized by MCGlobalTech’s SA program include the following:

• System Baseline Security Requirements
• Providing Stakeholders the ability to better measure the progress of SA engineering and re-engineering activities
• Identifying and completing critical deliverables over a period of time in a systematic and rational manner
• Obtaining feedback and deliverables acceptance prior to working on additional activities or deliverables
• Ensuring resources are concentrated on completing tasks associated with the current phase, providing focus and advancing progress
• Providing a model that can be published to stakeholders, detailing the organized flow of engineering/re-engineering activities being performed in SA Program
• Standardization, consistency, efficacy and efficiency in initiating and completing Assessments and Authorizations

Critical components of MCGlobalTech’s SA program includes:

• System Characterization (FIPS 199)
• Security Self-Assessments (NIST SP 800-26)
• Security Risk Assessments (NIST SP 800-30)
• System Security Plans (NIST SP 800-18 and NIST SP 800-53)
• Security Test and Evaluations (NIST SP 800-53)
• Plan of Actions and Milestones (POA&M)