The application was built for a specific set of users within CMS, and came with unique challenges. Our goals for this project were ambitious.
Problem
The users who go through the ATO process are Information Systems Security Officers (ISSOs) and Cyber Risk Analysts (CRAs) who have a high technical understanding and use another application of record called CFACTS. However, the burden of working in CFACTS is high, with less user-friendly interfaces and limited ability for new users to join.
Solution
Create a proof-of-concept application with forward-thinking, automated features that users can collaborate on to document a system security plan.