Begin Final Investment Analysis (FIA) for AMS decision point: #4

(Start: OMB Exhibit 300 Attachment 3 for the Final Investment Decision (FID))

Review

Update

  • SCAP with your Service Unit/Service Area Certification Team Lead.
  • CONOPS of system.
  • ISS section of the Preliminary Requirements for the Final Requirement Document (fPR).
    • Security Interfaces document for inclusion in Interface Requirement Document (IRD).
  • The ISSP.
  • System characterization/categorization.(FIPS-199)
  • Vulnerability and risk assessment.

Generate

  • Initial Security Test Plan & Report.
    • Documentation should be produced only if test documents are being developed early based on approved system prototype, prior to Solution Implementation phase.
  • Support for system addition to the ATO Five Year SCAP Plan with your Service Unit/Service Area Certification Team Lead and ISSO.
    • Proposed schedule, security characterization/categorization (FIPS-199) and planned sites where a system would be fielded to the ISSM
  • Security Information for Solicitation Information Request (SIR), Contract Statement of Work (SOW) and Contract Data Requirement List (CDRL).

Obtain

  • Stakeholders’ buy-ins and signing of the final security documents.

Deliverable(s)

  1. Updated OMB Exhibit 300, Attachment 1:
    • (pPR) transformed into Final Requirement Document (fPR).
  2. OMB Exhibit 300, Attachment 2: Business Case Analysis Report (BCAR)
  3. OMB Exhibit 300, Attachment 3: Implementation Strategy/Planning (ISP)
  4. Final security vulnerability and risk assessment.
  5. SCAP documents
    • ISSP with security policy statement.
    • System characterization/categorization.
    • Security Test Plan & Report (See note above.)
  6. Proposal of schedule, FIPS-199, and plan toward ATO Five Year SCAP Plan for your added system.
  7. The security information for SIR, SOW & CDRL.
  8. Stakeholders’ signatures on all finalized security documents

End FIA for AMS decision point: #4 & Phase: IA

Last updated: Friday, October 12, 2018