Where are the family of controls within eMASS derived from?

The control requirements found within eMASS’ exportable spreadsheets come directly from the NIST SP 800-53 publication.  Because of this, federal contractors working to achieve authorization designation will need to have in place comprehensive policies and procedures. To be specific, cleared contractors will need to have a large number of policies, procedures, programs, and plans in place for achieving Authorization to Operate (ATO) as part of the NISP NIST RMF A&A process within eMASS. 

Over the years, developing NIST SP 800-53 specific security documents has been one of the most difficult, time-consuming, and challenging measures for cleared contractors.  To help speed the up the process greatly, we developed the Arlington Security Portal (ASP), an online repository of world-class, industry leading security policies & procedures, programs, plans – and other highly essential documents & templates developed specifically on the NIST Risk Management Framework (RMF) 800 series of publications for information security, cybersecurity, and privacy control families.

From Beginning to End, Complete Project Management for NIST RMF A&A within eMASS

With Arlington, we can manage your entire NIST RMF A&A process within eMASS from beginning to end (i.e., from the initial NIST RMF eMASS scoping & gap assessment to post-Authorization to Operate (ATO) activities), providing essential services for getting you to the finish line in terms of your ATO.  Core services and solutions offered include the following:

• Scoping & Gap (i.e., Readiness) Assessments
• Remediation Services (Policy and Procedures writing)
• Remediation Services (Technical and Operational)
• System Security Plan (SSP) Development
• Completion of eMASS Export Control Spreadsheets
• Continuous Monitoring (ConMon) Services