Authorization & Assesment

Celebrating 20 Years Protecting the Systems of Those Who Protect

Watershed Security has been providing solid technical solutions to the Federal Marketplace for over 20 Years. We have engaged on the front lines with our Nation’s warfighters to secure our critical infrastructure from increasing globalized threats. We pool the resources, research, engineering expertise, and experience gleaned from industry best practices and quality assurance to bring you the expert advice, solutions and results that keep you ahead of threats through the use of advanced technology.

Information Technology in Healthcare

Authorization and Assesment

Watershed’s consultants provide the essential expertise to properly execute the RMF Authorize step to enable organizations to determination the risk in Cloud systems, on premise systems, military weapons and navigation systems as well as Building Control Systems (BCS).  Our engineering assess the risk and provides actionable data to determine to authorize (or not) a system to operate.

We determine the security and privacy posture of that system, as well as the risk from the operation and use of the system. This risk is determined using the authorizing official review and analysis of the information and materials in the authorization package, as well as organizational-level and system-level risk information provided by senior officials (e.g., senior agency information security officer, senior agency official for privacy, risk executive), control assessors, system owners, and other stakeholders to the authorizing official.

If necessary, further discussions between the authorizing official and those furnishing the information may take place to help the authorizing official fully understand the risks. During risk analysis and determination, the authorizing official also takes into consideration organizational risk tolerance, dependencies among systems and controls, mission and business requirements, criticality of the mission or business functions supported by the system, and the overall risk management strategy of the organization.

Watershed Security has been providing A&A services to the Department of Defense and Civilian Agencies since 2003. In this time, we reduced the complexity and promoted smart security investments for our customers and have performed over 400 authorization packages that were approved by the Navy Action Officer (AO) with zero rework, resulting in the savings of man hours and the increase in mission effectiveness.

Our certification obtained from the United States Navy as a Corporate Fully Qualified Navy Validator (C-FQNV) ensures that our staff is fully capable and experienced in the DIACAP and RMF processes and have the ability to validate the work of the accreditation analysts. We are able to provide subject matter expertise to our clients to ensure that their systems and networks remain in compliance with US Navy and NIST accreditation regulations.

Watershed’s understanding of the requirements of FISMA, Risk Management Framework (RMF) and the methods and best practices of C&A allow us to offer A&A services to our Defense and Civilian clients. Watershed is able to provide certification and accreditation specific training to system developers, integrators, certification analysts and other validators.