Pinnacle Solutions, Inc. (Pinnacle) is pleased to announce that the KC-10 Training System received accreditation under the DoD’s Risk Management Framework (RMF) on July 16, 2018. The one-year Authority to Operate (ATO) renewal was the result of working closely with the security controls assessor representative to document the status of security controls and mitigate or remediate priority one controls. The one-year period also represents the longest ATO period in the previous four years.
During the recent ATO renewal process, Pinnacle provided cybersecurity support related to the RMF and addressed the following conditions:
- Completed the Rehost modification & migration to Windows 10 Secure Host Baseline (SHB) on all 4 Weapon System Trainers (WSTs) and both Flight Training Devices (FTDs).
- Developed a detailed Plan of Actions and Milestones (POAM) to complete the two Boom Operator Trainers (BOTs) Rehost mod & Windows 10 migration by April 2019.
- Completed 114 Priority 2 Enterprise Mission Assurance Support Service (eMASS) controls.
- Conducted and submitted authenticated Assured Compliance Assessment Solution (ACAS) vulnerability and compliance scans every 30 days.
Pinnacle remains committed to working diligently to ensure the KC-10 Training System achieves that highest security posture possible while maintaining trainer fidelity to improve the quality of service and training to our Air Force customer.