eMASS photo banner


eMASS is a web-based Government off-the-shelf (GOTS) solution that automates a broad range of services for comprehensive, fully-integrated cybersecurity management, including controls scorecard measurement, dashboard reporting, and the generation of Risk Management Framework (RMF) for Department of Defense (DOD) Information Technology (IT) and DOD Information Assurance Certification and Accreditation Process (DIACAP) Package Reports. eMASS provides an integrated suite of authorization capabilities and prevents cyber-attacks by establishing strict process control mechanisms for obtaining authority to connect information systems to DOD networks.


  • Automated report generation, including all required DIACAP, RMF, and applicable Federal Information Security Management Act (FISMA) reports.
  • Enterprise level visibility of all authorization packages offering comprehensive organizational security postures.
  • Management of all cybersecurity compliance activities and automation of the workflow process from system registration through system decommissioning.
  • Maintenance of an enterprise baseline for security controls, which is stored in the eMASS repository and updated with industry standards.
  • Fully automated inheritance allows systems to inherit security control statuses, artifacts, test results, and view system security postures from other CC/S/A’s or systems.
  • Asset Manager allows eMASS to consume outputs from external vendor scanning tools and map results to information systems.
  • Allows product teams, testers, and security control assessors to effectively collaborate and execute security assessments from geographically dispersed locations with Integrated Project Teams.