Security accreditation is an official management decision to authorize operation on an information system and accept the associated risks. (Madisetti, 2009) Certification and assessment seeks to offer dependable, related and repeatable valuations of security controls in information systems, assist in gaining an improved working knowledge of Agency-related task risks, and to gain thorough, certifiable, and dependable information that will expedite security examinations. The certification piece speaks to the specific nature of management of risks and policies, operations related to people, technology related to specific hardware, software, and/or firmware.