ERT performs system testing and evaluation to assess the security posture of information technology systems; conducts vulnerability scans; performs compliance scans; assists ISSO to mitigate system risks and remediate vulnerabilities; manages the Assessment and Authorization (A&A) process for High and Moderate systems and applications per NIST guidance; develops and maintains A&A documentation; reviews for completeness and compliance with security policies, procedures, and guidance; develops and tracks all Plans of Action and milestones to ensure the highest level of security posture is maintained; and performs independent assessments of security controls for applications and systems.
