Skip to main content
system-authorization

System Authorization

Overview

System Authorization at CMS is the result of testing and documenting security compliance for FISMA systems. Authorization to Operate (ATO) is the stamp of approval from an Authorizing Official (AO) that verifies a system is appropriately protected to operate with minimal risk.

CMS Business Owners, ISSOs, and other stakeholders work together to confirm that a system's security and privacy controls are working as intended. Modern programs at CMS such as Ongoing Authorization focus on continuous assessment and management of risk.

Latest articles and updates

Visit the blog to see more articles and posts.