Automating Accreditation and Authorization
Volant is working with the government to streamline the security accreditation process. In most Federal Government organizations every application and system must be formally accredited based on the selection and specification of security controls as defined by the NIST Risk Management Framework (RMF) described in NIST Special Publication (SP) 800-37 Revision 2. While the NIST SP 800-37 documentation defines the overarching risk management approach, government agencies are afforded the opportunity to implement security controls in a manner consistent with their unique mission needs. Based on Volant’s consistent track record of delivering secure technical solutions, the Volant team was selected to provide an innovative approach to address, contribute, and speed key elements of the accreditation process.
Volant’s technical approach in leveraging Opencontrol (open source security standard) is a paradigm shift and completely changes how a developer implements a system and how an organization verifies those security controls.
— Chris Golden, CTO, Volant Associates LLC