PEO EIS Programs

Around EIS

RCAS Assumption of Charter

By Mr. Pete Van Schagen, RCAS Communications

Mr. Sajjan (Saj) M. George was introduced as the new acting product lead (PL) for the Reserve Component Automation Systems (RCAS) during an Assumption of Charter ceremony hosted by Mr. Michael Padden, Installation Information Infrastructure Communications and Capabilities (I3C2) project manager, Jan. 11, 2016, at Fort Belvoir, Virginia. The outgoing RCAS PL, Mr. Ralph Ocasio, departed after a distinguished tenure, and received a Superior Civilian Service Award and other recognition during the ceremony. Mr. Ocasio will be the new deputy project manager for I3C2.

Mr. George assumes his new position after serving as the RCAS deputy product lead since December 2014. He has over 20 years of active duty service in the U.S. Army and retired as a lieutenant colonel. Throughout his service, Mr. George served in a variety of leadership roles, including deputy director of sustainment directorate at General Funds Enterprise Business System, deputy chief information officer/G6 of the Army National Guard (ARNG) headquarters, branch chief of information technology program management and program objective memorandum development officer for the ARNG G6. He served one combat tour in Iraq as the deputy of the Joint Acquisition Review Board and the Multi-National Corps Budget Execution Office. Mr. George’s military awards include the Legion of Merit, Defense Meritorious Service Medal, Meritorious Service Medal (3rd Oak Leaf Cluster), Army Commendation Medal and the Army Achievement Medal.

Click on the images below to view:

Posted January 13, 2016

AMIS Leads the Way with RF-ITV System Reaccreditation

By Geoff Steele, AMIS Security Analyst

Cybersecurity is changing in the Army, and the team developing and maintaining the Radio Frequency In-Transit Visibility (RF-ITV) System is leading the change management. In March 2014, the Department of Defense (DOD) formally issued instructions for transitioning to a new model for information technology system certification and accreditation, the Risk Management Framework (RMF) process, replacing the DOD Information Assurance Certification and Accreditation Process (DIACAP). Information Assurance (IA) has always been a priority for the RF-ITV managing office, Automated Movement and Identification Solutions (AMIS), so the RF-ITV program and system integrator were up to the challenge of adopting RMF from the start. AMIS is the first program to undertake this massive change in the process to accredit a system. The risk of not getting through RMF is simple: no Authority to Operate (ATO), no RF-ITV for the logistics community.

The RF-ITV team, along with the PEO EIS Information Assurance Program Manager (IAPM) team, attended an RMF early adopters’ sessions at Fort Huachuca, Arizona. The group learned to utilize a main tool in implementing the RMF policy, the Enterprise Mission Assurance Support Service, a service-oriented computer application that supports IA program management and automates the DIACAP process. A key change in the RMF process is the self-assessment — the system manager now assesses all security controls for compliance. After the initial self-assessment, the security control assessor-validator gains an understanding of the system’s IA posture by reviewing system IA documentation, acquires an understanding of the system’s implementation of operating procedures by interviewing people working the various IA roles, verifies the system configuration, meets applicable regulations by performing vulnerability scanning and, finally, evaluates and validates the security controls implemented by the system manager and writes a report, which authorizing officials use in the formal decision to grant an ATO. This process is critical in protecting information systems from cyber-attack. AMIS chose the RMF process, which becomes mandatory in 2017, opposed to DIACAP in order to maximize the timeframe the ATO would be valid. An IT system can't operate on the DOD network without being accredited.

The RF-ITV team was at a disadvantage as the first to go through the RMF process, as they lacked the benefit of lessons-learned or best practice recommendations from other programs. However, the outstanding effort made by the RF-ITV system integrator personnel combined with IAPM team guidance resulted in the three-year ATO, making the RF-ITV System the first to earn this certification within PEO EIS! The team also offered advice to those earning the new accreditation: start early and be prepared for the complexity of the process, which took at least six months longer than earning an ATO via the DIACAP process.

Posted January 08, 2016