Project Description

KRM served as a sub-contractor to conduct an Independent Security Control Assessment (SCA) of the Veterans Health Information Systems and Technology Architecture (VistA) system.  This SCA process supported the certification of VistA on three different computer platforms.

The purpose of the VISTA system is to support clinical and related activities within Veterans Health Administration (VHA) Medical Centers (VAMCs) throughout the country.  The VISTA system is currently installed on three computer platforms, VMS/DSM, VMS Cache, and W 2K Cache.  Testing was completed on each of the 3 platforms.   The VistA Legacy Certification Project developed a national methodology to accredit the VISTA Legacy system at the VHA’s 163 medical centers, to include meeting all OMB, NIST, and VA requirements to achieve accreditation.  The independent testing of security controls, was required to reach that goal.

The VISTA system had to undergo the SCA process consists primarily of a Kernel and a suite of applications that interact with the Kernel Communication of data in VISTA uses HL7 and XML standards over VA local area networks (LANs) and the VA wide-area network (WAN).

This project was completed on time and within budget on 3/31/2006.