Federal Mission: Security Compliance using Externalized Authorization Management (EAM)

United States federal agencies are beholden to myriad regulations and standards, some of the most notable of which are the FIPS Publication 200 and the NIST Special Publication 800-53. Both documents, in combination, “ensure that appropriate security requirements and security controls are applied to all federal information and information systems.” These documents offer guidance on conducting an organizational IT risk assessment, and provide a template for determining what type of security controls are recommended to protect organizational operations and resources.

By using a centralized and externalized authorization management (EAM) service, the security accreditation process and the subsequent operations and maintenance can be shortened, saving time and money and allowing application developers to focus on the agency’s mission.

Download PDF