Continuous Authorization to Operate (cATO) Working Group

This working group will launch with a roundtable on August 6. If you are interested in joining, please email workinggroups@atarc.org

In a rapidly changing technical environment, it’s no secret that cybersecurity is more important than ever. External security requirements, tech refresh and tech insertions, and bad actors and threats are increasing every day, putting pressure on the traditional ATO processes and the tempo in which they are done.

The problem is clear: the RMF/ATO process simply takes too long. Agility is critical to implementing security measures and IT modernization, but the timeline for modernization and security upgrades continues to increase, and additional labor is not the answer.

Enter the continual ATO process, critical in compressing timelines and decreasing the effort brought on by thwarting cybersecurity threats, allowing for more frequent application and security updates and upgrades benefitting overall program modernization and security.