Security Certification and Accreditation Support
In addition to its innovative software products, Trusted Computer Solutions (TCS) provides a full range of professional services. As an industry-leading provider of security certification and accreditation (C&A) services, TCS has successfully taken many complex networks through C&A processes. With more than 12 years of leadership and support, TCS has extensive and proven experience in helping customers gain final authority to operate approval.
TCS worked with the Secret and Below Interoperability (SABI) community to establish an improved approach to the DoD Information Technology Security Certification and Accreditation Process (DITSCAP). This streamlined approach captured all of the information identified in the DITSCAP guidelines while eliminating redundancies and grouping information in a more logical and beneficial manner. The SABI community has a new name, Cross Domain Solutions (CDS), and the DITSCAP has been superseded by the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), but the same streamlining principles apply. TCS has created Cross Domain Appendices (CDAs) and facilitated interactions with numerous C&A representatives to successfully assist many customers through the SABI/CDS process.
TCS also has expertise with the Director of Central Intelligence Directive (DCID) 6/3, taking both TCS products and other government systems through the Top Secret SCI and Below Interoperability (TSABI) C&A process. In particular, TCS has effectively completed the DoD Intelligence Information System (DoDIIS) application of the DCID 6/3 regulation, an extensive testing and review process. TCS has created System Security Authorization Agreements (SSAAs), developed Short Form SSAAs, and facilitated interactions with C&A representatives to successfully assist many customers through the TSABI process.
TCS experience also extends to supporting the accreditation of Special Access Program (SAP) networks. Working alongside the SAP accreditor and test team, TCS has created System Security Plans (SSPs) and assisted with the testing effort and report completion. Leveraging lessons learned with SABI/CDS, TSABI, and SAP accreditations, TCS has developed a standard approach to C&A that is adaptable to the differences between the various C&A processes.
In the specific area of cross domain products, TCS interacts regularly with the Defense Intelligence Agency (DIA), the National Security Agency (NSA), and SAP representatives to support PL4 and SR 1-9 testing. These rigorous testing efforts are required in addition to extensive testing performed on the baseline trusted operating system during Common Criteria (CC) evaluation. TCS develops detailed test procedures to demonstrate compliance with all applicable requirements during lab-based and on-site testing events.
A secure system life cycle has but one capstone event - an approval to operate. To this end, TCS has created a modular approach to C&A that is cost-effective and focused to meet a customer´s needs.
Click here to download the PDF Fact Sheet
Trusted Computer Solutions C&A offerings
Silver
C&A Templates
For those instances where the customer needs a head start on the C&A process and desires to do the rest of the C&A work themselves, TCS provides C&A templates, based on availability, for the customer to complete and facilitate through the appropriate C&A process. This category is for TCS products only. Includes:
- C&A document templates
- C&A test procedure updates
Gold
C&A Documentation
Professional Services
For those who desire a higher level of assistance, TCS uses its knowledge of C&A processes (DITSCAP, DCID 6/3, SABI/CDS, TSABI, SAP) to create a set of C&A documentation and to facilitate the customer navigating their product implementation through the appropriate C&A process. This category is for TCS products and can also be applied to non-TCS systems. Includes:
- C&A documents completed (except for test report and residual risk)
- C&A test procedure updates
- Kickoff meeting
- Phone and email support as the facilitator between the customer POC and C&A process representatives (e.g., SABI/CDS engineers, NSA, CDTAB, DSAWG, DIA, ITA, SAP)
Platinum
C&A Documentation & Testing
Professional Services
For those who desire the ultimate in support and comprehensive "cradle-to-grave" C&A services, the TCS Platinum plan virtually assures success. It includes everything in the GOLD plan plus expert on-site support for C&A testing activities. This category is for TCS products and can also be applied to non-TCS systems. Includes:
- Everything in GOLD
- Preparation for testing On-site participation in testing
- Completed C&A test report and residual risk document
Click here to download the PDF Fact Sheet |
