Process Owner: Manager, Corporate Information Security Office
Note: An owner must be a PCES-level manager or higher.
This process establishes standard tools and processes for recertification within the Postal Service Technical Environment.
Recertification applies to all existing technology solutions (small or field) sponsored by, developed for, or maintained or operated on behalf of the Postal Service, whether or not they are located at a Postal Service facility. Recertification also applies to pilot and proof-of-concept projects.
|Step 1:||Revisit Business Impact Assessment (BIA):
The TSPM and ISSO will revisit the existing BIA and check to see if any changes are needed.
|Step 2:||Perform Risk Assessment:
The existing Risk Assessment will be revisited and will be updated according to any new risks identified for the existing technology solution.
If there were new risks found or changes in the BIA, the process will continue onward through the C&A Process.
|Step 3:||Obtain Recertification Letter:
If Recertification is not required the TSPM and ISSO complete the Recertification Exception Letter.
Information Systems Security Officers (ISSOs): These individuals are responsible for evaluating the existing technology solutions to see if recertification is necessary.
Section(s) Revised: N/A
Revision Description: Baseline
Section(s) Revised: All
Revision Description: This document was made Section 508 compliant and was converted to HTML.
Revision Date: FY12/Q3