The development of the C&A package will be a critical responsibility for the internal federal C&A team. The initiation of the C&A project, analyzing research, preparing the required documents, verifying information, and retaining ethics are all important responsibilities during the development of the C&A package.
In a report of 3-5 pages, provide an explanation of this C&A developmental process. The report should include the following:
• Title page
• Introduction to the paper
• Explanation of what is required to initiate the C&A project, examples of which include the following:
o Creating a contact list
o Holding a kick-off meeting
o Obtaining any existing agency guidelines
• Explanation of the types of research that need to be analyzed, examples of which include the following:
o Documents from the information system developers and administrators
o Previous certification package
• Description of how to represent the required documentation and requirements in the certification package
• Description of the role of ethics in developing the certification package
o An example of an ethics issue: the IS owner wants the certification review team to get the IS certified; therefore, it may be requested for you to compromise your ethics.
• Reference page in APA format
The following documents can be used to assist you with this assignment:
• DOE CIO Guide 205.1-1, Management, Operational, and Technical Controls
• 5 CFR 930, Employees Responsible for the Management of Use of Federal Computer Systems
• The National Institute of Standards and Technology (NIST) special Publication 800-16, Information Technology Security Training Requirements: A Role- and Performance-Based Model, dated April 1998
• Executive Order 13103, Computer Software Piracy, dated September 30, 1998, that requires training on the prevention of software piracy