Information System Security Officer (ISSO) Systems Re-Authorization

The Systems Re-Authorization service ensures National Institute of Standards and Technology (NIST) SP 800-53 security controls assigned are appropriate for a system. This service prepares system security documentation based on the Risk Management Framework (RMF) and NIST 800-37 to submit the Assessment and Authorization (A&A) Authorization to Operate (ATO) package for Chief Information Security Officer (CISO) approval.

Contact

This service is offered through our federal service partner, the Department of Health and Human Services (HHS). For more detailed information about this service, visit the HHS Enterprise Security Services (ESS) page. 

For inquiries about ESS offered services or if interested in purchasing services, please contact us at esslob@hhs.gov.