Web Based C&A Tool

Virtual Security International (2007-2008)

Designed and developed a web based Certification and Accreditation web based automated tool for DIACAP, NIST, ISO and PCI risk assessment and management methodologies utilizing Ruby on Rails and MySql. The tool produces a Cyber Risk Summary Scorecard, a Plan of Action and Milestones, an Implementation Plan and a Validation Results report. Other features includes automated creation of DoD 8500.2, NIST 800-53 and Department of Defense STIG checklists (Security Technical Implementation Guides). Includes 5000 security controls.