Initial Independent Assessment in Support of Assessment & Authorization (A&A) 

This service includes an independent security control assessment of a new system or system undergoing significant changes. The assessment is conducted in accordance with National Institute of Standards and Technology (NIST) 800-37 & 800-53A and agency tailoring. Standard (electronic) deliverables include:

• Executive Summary
• Certificate
• Control inheritance as appropriate
• Travel to designated customer location as required
• Security Assessment Report (SAR)
• Findings & Recommendations
• Out-Brief Teleconference
• Optional: Data population in the agency's Federal Information Security Modernization Act (FISMA) reporting system

Contact

This service is offered through our federal service partner, the U.S. Department of Transportation (DOT). For more detailed information about this service, please visit the DOT's Enterprise Services Center (ESC) website. 

For inquiries about ESC offered services or if interested in purchasing services, please contact us at: esc-cyberservices@faa.gov.