cybersecurity inspection body program - home - itea · 2019-03-27 · a better world through...
TRANSCRIPT
Cybersecurity Inspection Body Program
Elizabeth CarbonellaAccreditation Manager
March 27, 2019
A Better World Through Accreditation 2019 by A2LA
Introduction Elizabeth Carbonella Accreditation Manager, Inspection Body and Materials Testing Been with A2LA since November 2006 Took over management of the Inspection Body program in June 2016 B.A. in Mathematics from Eastern University in PA
3/28/2019 2
A Better World Through Accreditation 2019 by A2LA
Who is A2LA?American Association for Laboratory Accreditation
Established in 1978 Largest U.S. multi-discipline Conformity Assessment Body (CAB)
Accreditation system 3300+ CABs (certificates) currently accredited 5th largest accreditation body in the world Non-profit, non-government (Impartial and Independent) ILAC MRA-signatory
3/28/2019 3
A Better World Through Accreditation 2019 by A2LA
Benefits of Accreditation Takes away administrative burden from specifiers/regulators Confirmation of competency for specific tasks Consistency Between specifiers/regulators Accredited organizations
3/28/2019 4
A Better World Through Accreditation 2019 by A2LA
Specifiers of Accreditation Federal Government: EPA, FAA, FCC, NAVSEA, NIST, NELAP (EPA),
NRC, NIST/NVCASE, GSAAerospace Industry: Boeing, General Electric, Hamilton
Sundstrand, Pratt & Whitney Bluetooth Cellular Telephone & Internet Association (CTIA)
3/28/2019 5
A Better World Through Accreditation 2019 by A2LA
How did we get involved? FedRAMP Program started in 2014 Work closely with the PMO Confirm FedRAMP requirements are met
3/28/2019 6
A Better World Through Accreditation 2019 by A2LA
Cybersecurity Inspection Body Program Third-party accreditation offers an independent review of an
organization’s compliance to both: ISO/IEC 17020 (Requirements for the operation of various types of
bodies performing inspections) and Technical program requirements for the desired scope of accreditation
(I.e. SOC II, HIPAA/HITECH, PCI, etc.)
Organizations in this program are known as Independent Assessment Organizations (IAOs)
3/28/2019 7
A Better World Through Accreditation 2019 by A2LA
Baltimore Cyber RangeA2LA has partnered with the Baltimore Cyber Range (BCR)
(https://www.baltimorecyberange.com/) to administer a Technical Proficiency Activity This is meant to simulate a real engagement by identifying system
implementation and configuration non-compliance issues
As an IAO, you are required to send ONE team through the exercise annually
3/28/2019 8
A Better World Through Accreditation 2019 by A2LA
Market Needs
3/28/2019 9
A Better World Through Accreditation 2019 by A2LA
NISTWorking to educate government agencies on the third party,
private sector options to support their efforts
Providing documents and guidance on the available standards and the benefits of accreditation NIST Special Publication 2000-01 “ABC’s of Conformity Assessment” NIST Special Publication 2000-02 “Conformity Assessment Considerations for Federal
Agencies”
3/28/2019 10
A Better World Through Accreditation 2019 by A2LA
Questions?
3/28/2019 11
A Better World Through Accreditation 2019 by A2LA 3/28/2019 12
Contact InformationA2LA
5202 Presidents CourtSuite 220
Frederick, MD 21703
301 644 3248 Main301 662 2974 Fax
www.A2LA.org
2019 by A2LAAll rights reserved. No part of this document
may be reproduced in any form or by any means without the prior written permission of A2LA.
A Better World Through Accreditation