- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
An Introduction to Certification and Accreditation
- Abstract
- Going through the formal process of Certification and Accreditation (C&A) insures that a clearly established set of Security Requirements is developed and implemented, any residual risk is minimized and clearly understood, and all aspects of the development and deployment of security controls and policies are described in the System Authority Authorization Agreement (SSAA). This paper will examine the C&A process, the guidance that helps define the Security Requirements, and the responsible parties and their roles, to provide a basic understanding of C&A.