(Start: OMB Exhibit 300 Attachment 3 for the Final Investment Decision (FID))
Review
- FAA FAST AMS Lifecycle Phases and Decisions guidance website:
- FAA FAST ISS Flow Chart of the FIA section.
Update
- SCAP with your Service Unit/Service Area Certification Team Lead.
- CONOPS of system.
- ISS section of the Preliminary Requirements for the Final Requirement Document (fPR).
- Security Interfaces document for inclusion in Interface Requirement Document (IRD).
- The ISSP.
- System characterization/categorization.(FIPS-199)
- Vulnerability and risk assessment.
Generate
- Initial Security Test Plan & Report.
- Documentation should be produced only if test documents are being developed early based on approved system prototype, prior to Solution Implementation phase.
- Support for system addition to the ATO Five Year SCAP Plan with your Service Unit/Service Area Certification Team Lead and ISSO.
- Proposed schedule, security characterization/categorization (FIPS-199) and planned sites where a system would be fielded to the ISSM
- Security Information for Solicitation Information Request (SIR), Contract Statement of Work (SOW) and Contract Data Requirement List (CDRL).
Obtain
- Stakeholders’ buy-ins and signing of the final security documents.
Deliverable(s)
- Updated OMB Exhibit 300, Attachment 1:
- (pPR) transformed into Final Requirement Document (fPR).
- OMB Exhibit 300, Attachment 2: Business Case Analysis Report (BCAR)
- OMB Exhibit 300, Attachment 3: Implementation Strategy/Planning (ISP)
- Final security vulnerability and risk assessment.
- SCAP documents
- ISSP with security policy statement.
- System characterization/categorization.
- Security Test Plan & Report (See note above.)
- Proposal of schedule, FIPS-199, and plan toward ATO Five Year SCAP Plan for your added system.
- The security information for SIR, SOW & CDRL.
- Stakeholders’ signatures on all finalized security documents
End FIA for AMS decision point: #4 & Phase: IA
Last updated: Friday, October 12, 2018