Home / Services / Security Services
Security and Information Assurance Services
Certification and Accreditation (C & A) Services
To support the risk management of Federal information systems and applications, APG provides a full suite of Certification and Accreditation (C & A) Services. APG provides business-agile Certification and Accreditation Services to meet our Federal customer's specific requirements. Our C & A engagement methodology allows our customers to quickly identify the scope and depth of assessment services they need to support Certification.
Our Certification and Accreditation Services include:
 Pre-Certification Documentation Preparation
The Pre-Certification Documentation Preparation service is designed to provide FISMA/NIST compliant organizational, program and system security documentation. This service can be leveraged in preparation for a NIST 800-37 compliant Certification and Accreditation engagement or to remediate an identified gap in required documentation.
 System Certification and Accreditation
The objective of the C&A process is to accurately describe the security posture of the system under evaluation, provide an assessment of the security risk, and recommendations for deficiency correction. This information will be utilized by the Authorizing Official in his/her decision to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations, agency assets, or individuals.
  • a. New System Certification and Accreditation
  • b. System Development Lifecycle C&A Services Integration
  • c. Pre-Deployment Certification and Accreditation
  • d. System Recertification
  • e. In-flight Annual Reviews
  • f. Security Assessments (ST&E)
  • g. CP ⁄ DR Test, Compliance Verification (Optional)
APG provides C & A Services through the Department of Interior's National Business Center (NBC). Effective January 12, 2009, the NBC was selected by OMB as a shared service provider of Certification and Accreditation (C&A) Services.
Network Penetration Testing and Application Ethical Hacking services
Recognizing the need for perimeter and application security, APG provides Network Penetration Testing and Application Ethical Hacking services. Serving both the Federal and private sector, APG provides network and application ethical hacking services to help our customers proactively identify where their network or applications may be vulnerable to attack, exploit or unauthorized use. Through automated and hands-on testing techniques, we quickly identify the technical risk of the vulnerabilities identified.
To effectively manage the risk, we help our customers understand how these technical risks could impact the business operations. Working with our customers, we describe the technical risks in terms of the potential business impact of vulnerability -- loss of a system or application's integrity, availability or a disclosure of confidentiality information.
Whether risks are remediated or accepted, the business impact descriptions allow risk managers to develop more effective remediation plans.
Qualifications
In partnership with the Department of Interior's National Business Center:
Effective January 12, 2009, the NBC was selected by OMB as a shared service provider of Certification and Accreditation (C&A) Services.
Home   |   Privacy Policy   |    Terms of Use    |    Contact Us    |    Sitemap
Copyright © 2011 Advanced Programs Group. All rights reserved.