GSA’s 18F Integrates ‘Agile’ Methods Into IT Security Certification Process

The General Services Administration’s 18F organization has developed a security certification process for government information technology systems through the use of agile development methods, Nextgov reported Tuesday.

18F’s agile-based authority-to-operate process aims to apply an iterative approach to IT security authorizations and place security work at the start of a project.

“What we try to do is at the very beginning of the project, the first few weeks, we get an ATO,” Michael Torres, director of product at 18F, told Nextgov.

“And then every piece after that, we increment that ATO so it covers more and more of the system,” he added.

Torres noted about 18F’s efforts to further develop the iterative ATO process with security personnel at federal agencies.

“What we’re advocating is to help them and help the program team just focus on this small piece that we’re releasing so that we can make sure that that’s secure and also put in processes and maybe some infrastructure to make sure the next time we release there’s a process for an iterative ATO that doesn’t take as much time and is not as daunting,” he added.

You may also be interested in...

USS Zumwalt

Navy Completes USS Zumwalt Live Fire Test

The U.S. Navy conducted an initial live fire test for a missile launching platform aboard the USS Zumwalt (DDG 1000) destroyer. The service branch also evaluated the potential degradations or hazards from live ordnance fire and determined if USS Zumwalt can withstand shock and vibration from weapon firing activities.

Leave a Reply

Your email address will not be published. Required fields are marked *