Census checks security with Xacta
- By Dibya Sarkar
- Nov 03, 2004
Census Bureau officials awarded Xacta Corp. a three-year $287,000 contract to automatically monitor, assess and report security risks and compliance of the agency's information systems.
Bureau officials will use the company's Xacta IA Manager to automate activities related to information technology risk management and remediation, providing a consistent approach to certification and accreditation of agency systems. The company's product determines an organization's IT assets, measures security risks and provides processes and documentation to satisfy federal guidelines.
Under the contract, officials will be able to perform an unlimited number of certification and accreditation assessments to comply with bureau-specific and Federal Information Security Management Act (FISMA) guidelines.
Once baseline assessments are complete, Xacta IA Manager can be configured to continually and automatically update a system's risk and compliance, thereby reducing an agency's time and effort to comply with FISMA reporting requirements on a daily basis, according to a press release.
In a previous interview, Richard Tracy, the company's chief security officer, said federal regulations indicate agency officials should certify and accredit systems at least every three years or when a major system change occurs.
A National Institute of Standards and Technology publication released this spring, he said, is clear about the need for doing continuous monitoring to identify changes in the environment and determine whether certification is needed.
"But at least by looking at the changes that take place