Xacta® Assessment Engine: The solution of choice for automated assessment and authorization (A&A), sustained compliance, and continuous risk assessment.

Xacta Assessment Engine is part of the Xacta IA Manager Risk Management Suite  Request for a product demo

Xacta Assessment Engine offers the most comprehensive set of compliance and risk assessment functionality available in a single COTS package, containing a vast knowledgebase of more than 100 security policies, regulations and standards parsed into more than 5,000 individual security requirements and associated test procedures, all updated as required.

  • Automates and streamlines the documentation of your IT procedures – in compliance with government and commercial regulatory requirements, including the content and templates you need to meet agency mandates

  • Support for FISMA reporting – Quickly produces mandatory documents required for assessment and authorization (A&A)

  • Formal Test Plan and SRTM – Dynamically generates a Formal Test Plan, tuned to your system-specific assets and requirements, covering all the elements in your SRTM

  • Extensible Publishing – Fast and easy modification of existing templates and simpler creation of new ones; includes a complete array of standard templates for DIACAP documentation as well as the new CAP-IT (Certification and Accreditation Package Input Toolkit) format
  • Controls inheritance – Allows common security controls to be inherited across systems to reduce the complexity and cost of security administration

  • Privacy impact assessments (PIA) – Supports production of privacy impact assessments in keeping with federal guidelines to demonstrate that privacy

  • Reference relationships – Establishes reference-extension relationships between projects to ensure accurate configuration notifications and reporting for “type-accredited” systems protections

  • Enhanced POA&M Reporting – Includes a complete portfolio of management reports to track Plans of Actions & Milestones (POA&M), generated at either the control or the test group level

  • Digital asset management – Tracks and links artifacts including sample documents, archived documents and uploaded images

Assessment documentation for your specific requirements. Xacta IA Manager dynamically generates your Formal Test Plan, tuned to your specific assets and requirements, that parallels all the elements in your security requirements traceability matrix (SRTM). When complete, Xacta IA Manager’s flexible publisher tool enables wizard-driven assembly of the documentation you need for assessment and authorization (A&A) and other compliance reporting.

Risk and compliance reporting. Xacta IA Manager helps organizations quickly assess compliance with defined information security standards. The Executive Dashboard allows you to review and manage enterprise IT risk and compliance using graphics and easy-to-read management reports. Once a baseline risk and compliance assessment has been completed, you can establish business rules that continuously update Xacta IA Manager with information that can track risk and compliance.