Security Policies & Procedures
GSA-IT has outlined many Security Policies and Procedures. Below you will find several areas pertinent to FAS-IT related to new and currently operating systems, FAS Cloud Services, and overarching GSA-IT documentation and resources.
An ATO is a formal declaration by an Authorizing Official that authorizes the operation of an agency system or vendor-owned and/or operated system. Explore the process to obtain an ATO and levels of authorizaiton available.
Learn MoreReview information as it pertains to IAM solutions, tools, and technologies utilized by FAS-IT. This information is intended for GSA users, external government customers, and vendors.
Learn MoreGSA has established an Ongoing Authorization (OA) Program to achieve Ongoing Authorization to Operate (OATO) for GSA managed information systems. OA provides a more frequent view into the security posture of the onboarded systems.
Learn MoreGSA and FCS IT security policies for safeguarding IT assets and the potential consequences of breaching IT security policies.
Learn More