SecureInfo's New Certification and Accreditation Program Enables Vendors to Deliver Security-Assessed Products to the Federal Government

SAN ANTONIO --(Business Wire)-- SecureInfo(R) Corporation, a leading provider of information security solutions, today announced the availability of the SecureInfo Certification and Accreditation Program (SI-CAP)(TM) and the opening of the company's new C&A Lab. SI-CAP encapsulates SecureInfo's C&A experience into a comprehensive C&A program designed for vendors providing information systems and networked equipment to the Federal government. By taking advantage of SI-CAP, vendors and system integrators can deliver a C&A package with their products, meeting mandated regulatory standards and saving them and the government time and money required for system implementation. The SecureInfo C&A Lab is a state-of-the-art facility designed for C&A testing and package preparation. SI-CAP can be performed in the SecureInfo C&A Lab or on-site at the vendor location.

Click here to learn more about e911 and its impact on VoIP

Click Here to Learn How You Can Profit from IP Communications. Live, in Person at INTERNET TELEPHONY Conference & EXPO West 2006 in San Diego.

IPTV is coming fast. Educated service providers will reap profits first. Learn how at FierceMarkets' IPTV Evolution Workshop this fall.

Get Your IMS Education from The Expert Team at INTERNET TELEPHONY Magazine and TMCnet. This Fall in San Diego at IMS Expo.

"With thousands of C&A packages created, SecureInfo has a proven track record in certification and accreditation for the Federal government, vendors, and system integrators," said Christopher Fountain, president and CEO of SecureInfo. "Vendors can now capitalize on this experience and provide verification that their products were tested in compliance with government security requirements--a requirement for doing business with the Federal government."

SI-CAP delivers a comprehensive C&A package and provides a thorough security evaluation in accordance with security requirements mandated by NIST SP 800-37, DIACAP/DITSCAP, and DCID. The C&A package for each product evaluated includes a comprehensive set of documentation and reports detailing the plan and results of the assessment. The package contains a plan of execution, a system security plan, a system security test and evaluation (ST&E) plan, security test and evaluation report, and a plan of actions and milestones (POA&M).

SICAP also takes advantage of SecureInfo RMS(TM), SecureInfo's compliance software that streamlines, standardizes and centralizes the C&A process. For example, SI-CAP includes C&A templates that can be easily modified and changed to meet field-specific requirements, dramatically cutting the cost and time required for product implementation.

Optional services are available for SI-CAP that address additional security sound practices beyond the NIST, DIACAP or DCID standards. SI-CAP Optional Services include a contingency plan and a configuration management plan to further support FISMA reporting requirements.

SI-CAP is available immediately. Please contact SecureInfo at http://www.secureinfo.com/Company/contact.asp or call 888-677-9351 for more information.

Certification and Accreditation Background

According to the NIST 800-37 "Guide for the Security Certification and Accreditation of Federal Information Systems," certification and accreditation guidelines were developed to help achieve more secure information systems within the federal government by:

-- Enabling more consistent, comparable, and repeatable assessments of security controls in federal information systems;

-- Promoting a better understanding of agency-related mission risks resulting from the operation of information systems; and

-- Creating more complete, reliable, and trustworthy information for authorizing officials--to facilitate more informed security accreditation decisions.

Security certification and accreditation are important activities that support a risk management process and are an integral part of an agency's information security program. Information systems software, hardware and equipment sold to Federal agencies must undergo a vendor-initiated security certification and accreditation process before the system can be implemented. The C&A process requires independent verification and validation performed by a qualified third party.

According to the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), "The DoDI 8500.2 (reference (g)) requires the evaluation of information assurance (IA) and IA-enabled IT products that are incorporated into DoD information systems. DoD information systems that are comprised of both IT products and IA or IA-enabled products shall ensure that their IA and IA-enabled products are evaluated according to DoDD 8500.1 (reference (b)), and shall be subject to the DIACAP."

About SecureInfo

SecureInfo Corporation, Inc. is a leading provider of information security solutions, including professional and managed services, and compliance and policy software products. Organizations rely on SecureInfo's solutions to achieve, sustain and measure IT compliance, protect sensitive data and critical IT assets, and mitigate risk more effectively. The company has designed, built and managed enterprise security operations centers and enterprise-wide compliance and policy solutions across Federal government agencies and commercial companies. Customers include Department of Defense, Department of Homeland Security, NASA, United States Air Force, US Treasury and Nortel Networks. Further information can be found at www.secureinfo.com.

SecureInfo is a registered trademark and SecureInfo RMS is a trademark of SecureInfo Corporate. All other products and brand names are trademarks or registered trademarks of their respective owners.