Enterprise Mission Assurance Support Servic The DOD recommended tool for information system assessment and authorization Overview eMASS is a Web-based government off-the-shelf GOTS solution that automates a broad range of services for comprehensive fully integrated cybersecurity management including controls scorecard measurement dashboard reporting and the generation of a Risk Management Framework RMF for Department of Defense DOD Information Technology IT and DOD Information Assurance Certification and Accreditation Process DIACAP package reports eMASS provides an integrated suite of authorization capabilities and prevents cyber attacks by establishing strict process control mechanisms for obtaining authority to connect information systems to DOD networks Capabilities Quick Facts • Automated report generation including all required DIACAP RMF and applicable Federal Information Security Management Act FISMA reports • Enterprise level visibility of all authorization packages offering comprehensive organizational security postures • Management of all cybersecurity compliance activities and automation of the workflow process from system registration through system decommissioning • Maintenance of an enterprise baseline for security controls which is stored in the eMASS repository and updated with industry standards • Fully automated inheritance allows systems to inherit security control statuses artifacts test results and view system security postures from other combatant commanders services agencies CC S A or systems Upcoming sessions • Asset Manager allows eMASS to consume outputs from external vendor scanning tools and map results to information systems • Allows product teams testers and security control assessors to effectively collaborate and execute security assessments from geographically dispersed locations with Integrated Project Teams To register for an instructor-led eMASS course or to complete a two-hour online training go to http go usa gov cVfWG PKI-enabled • • • • Sponsors DISA jointly with DOD CIO Established at over 35 CC S As Supports 22 000 user accounts Seamlessly integrates with enterprise web-enabled security assessment tools eMASS Training Instructor-led classroom training is offered throughout the year in Arlington Virginia at no cost March 23-24 April 20-21 May 18-19 June 22-23 eMASS  disa tinker eis mbx okc-disa-peo-service-desk@mail mil 844-347-2457 Options 1 5 3 March 2016 Enterprise Mission Assurance Support Service eMASS The DOD recommended tool for information system assessment and authorization eMASS Cybersecurity Strategy eMASS empowers the cybersecurity workforce through its controlrequirements wizard intuitive user interface linear workflows integrated computer-based training capability and auto generation of all security compliance package reports so that more time can be spent securing the network and not interpreting the policy Through improved cyber situational awareness eMASS enables managers to readily identify vulnerabilities and make decisions concerning cybersecurity resources and program needs Through its central management and governance of an enterprise’s cyber policy eMASS promotes speedy delivery of policy changes and dramatically improves the cycle time to effect these changes directly through to individual teams eMASS Provides Customers with Unmatched Benefits • Automates customizable workflow for managing essential security functions at the enterprise level down to system control activities • Supports reciprocity by providing a common operating picture and a simplified enterprise architecture environment to facilitate information exchange and dynamic connection decisions • Speeds delivery of systems supporting critical enterprise infrastructure the warfighter and other protective services entities by streamlining the RMF assessment authorization and connection approval processes • Enables enterprise reporting and efficiencies through automatic generation of all required security compliance package reports seamless integration with security scanning tools and robust custom reporting capabilities • Eliminates variable costs such as vendor licensing fees paid software updates and escalating operations and maintenance costs • Centralizes management of cybersecurity activities and offers system security practitioners the flexibility to manage artifacts establish and monitor inheritance relationships and collaborate on security compliance development • Rapid response to requests to deploy new RMF policy enhancements overlays and assess only process eMASS is Provided by DISA and Recommended by the DOD DISA manages • Hosting and maintenance • Enterprise help desk • Continuity of operations COOP • • • Monthly training sessions Semi-annual updates releases Computer-based training eMASS  disa tinker eis mbx okc-disa-peo-service-desk@mail mil 844-347-2457 Options 1 5 3