Test, Evaluation, and Assessment and Authorization (A&A)

IT Concepts provides comprehensive test and evaluation services for both our Defense and Civilian government clients. Our knowledge of federal and Department of Defense testing and evaluation policies and procedures ensures that technical solutions are complete and align with test and security requirements.

We test, validate, and document our work on multiple levels. This includes unit and component testing to ensure the pieces of an application operate as designed and the product meets all of the user and system requirements, along with legal requirements like Section 508 Amendment to the Rehabilitation Act of 1973.
We document and conduct the full range of test activities to ensure that system components add value to the overarching system. These test activities include:

  • Developing test plans and test procedures,
  • Planning and performing load/stress tests,
  • Preparing and performing security testing,
  • Performing interoperability testing,
  • Preparing and performing full regression testing.

Our test and evaluation services includes Assessment and Authorization services. By overlaying the Risk Management Framework (RMF) with our customized and tailored processes, we ensure successful completion of all security tasks, while delivering high-quality RMF support services. The governance of the personnel architecting, engineering, validating, implementing, maintaining, and operating throughout the SDLC must consider every aspect of security holistically. People are the primary defense. ITC staffs, assesses, trains, and manages its personnel to meet the cyber security challenges. With security being the influential force for current and future solutions, there are three major categories of our security solution:

    1. Security Engineering Practices – Building all aspects of security into technical solutions to reduce risk and minimize impact.
    2. Security Assurance – Supporting information assurance to ensure solutions deployed are secure and data integrity is preserved with C&A and governance activities.
    3. Security Services – Delivering solutions to support monitoring tools, PKI, biometrics, and encryption, etc.