Training A&A analysts to act and think like CND professionals – improving assessment and authorization recommendations for Authorizing Officials

By Marcus Norman History For years, Assessment and Authorization (A&A) analysts have held an important job – deciding which applications and systems can connect to a network by assessing the potential risks new systems introduce. A security assessment consists of reviewing a system security plan (SSP), contingency plans, network topologies, vulnerability and compliance scans, manual […]