Defense Health Agency
CyberSecurity Lifecycle Management
Cybersecurity Management & Reporting Portal (CSMRT)
Automated Control Correlation Identifier (CCI) Responses
Automated eMASS CCI Import
Automated Cybersecurity Issuance (task order) Management
Automated ATO/AR Timeline Generation
BCS has supported the A&A lifecycle at DHA from the inception of the agency through its current transition and consolidation of Military Health Services (Army, Air Force, and Navy).
We have successfully taken numerous systems, enclaves, applications, and type accredited systems through the DHA Assessment and Authorization process to attain an Authority to Operate (ATO).
Our experts helped shape the policy and procedures as the agency transitioned from DIACAP to RMF, including:
Guiding working groups and other DHA branches on cybersecurity-related policy and procedures.
Developing and publishing standard operating procedures for the Network Security Operations Branch.
Creating over 200 ATO/annual review/risk assessment packages.
BCS developed a FedRAMP Infrastructure as a Service (IaaS) package for DHA. The FedRAMP package ultimately served as a guide as DHA transitioned from DIACAP to RMF.
So, yeah, we’ve clearly kicked our fair share of butt over the years. But don’t just take our word for it (even though we are super honest people) — hear from our customers: