RiVidium Configuration Management Independent Verification & Validation
Independent Verification & Validation

Independent Verification and Validation (IV&V) is integrated early in the Concept Development Process (CDP). The purpose of our Verification process is to ensure selected work products meet their specified requirements. The verification process involves the following:

  • Verification preparation
  • Verification performance and
  • Identification of corrective action needed

Our verification includes verification of the product(s) and intermediate work products against all selected requirements, including client, product, and product component requirements.

RiVidium’s verification is an incremental process because it occurs throughout the development of the product and work products, beginning with verification of the requirements, progressing through the verification of the evolving work products, and culminating in the verification of the completed product. Our specific practices build on each other in the following manner:

Select Work Products for Verification

The Select Work Products for Verification specific practice enables the identification of the work products to be verified; the methods to be used to perform the verification; and the requirements to be satisfied by each selected work product.


Establish Verification Environment

The Establish Verification Environment specific practice enables the determination of the environment that will be used to carry out the verification.


Establish Verification Procedures and Criteria

The Establish Verification Procedures and Criteria specific practice then enables the development of verification procedures and criteria that are aligned with the selected work products, requirements, methods, and characteristics of the verification environment.


Perform Verification

The Perform Verification specific practice conducts the verification according to the available methods, procedures, and criteria.


Testing:

Proper system testing is crucial to the protection of resources. RiVidium greatly reduces the risk the client will encounter during the critical phase of testing and evaluation (T&E). We are experts in the field of Testing as a Service (TaaS), and we are currently performing/certifying critical testing environments around the globe. Our testing approach encompasses:

  1. Working early in the design phase by establishing a T&E Planning Cell
  2. Capturing critical test plans and requirements in our secured Testing Cloud environment and portals
  3. Use the captured artifacts to ensure that test threads, information assurance, and other testing procedures are well defined throughout the T&E process.

Validation:

The purpose of our Validation process is to demonstrate that a product or product component fulfills its intended use when placed in its intended environment.

Validation activities are applied to all aspects of the product in any of its intended environments, such as operation, training, manufacturing, maintenance, and support services. The methods employed to accomplish validation are applied to work products as well as to the product and product components. The work products (e.g., requirements, designs, and prototypes) are selected on the basis of which are the best predictors of how well the product and product component will satisfy user needs, and, thus validation is performed early and incrementally throughout the product lifecycle.

Our validation approach demonstrates that the product, as provided, will fulfill its intended use; whereas, our verification addresses whether the work product properly reflects the specified requirements. In other words, our verification process ensures that “we built it right”; similarly, our validation process ensures that “we built the right thing.” Our validation activities use approaches similar to verification (e.g., test, analysis, inspection, demonstration, or simulation). Our validation and verification activities run concurrently and use portions of the same environment.

Authentication and Accreditation:

Our certified security professionals have significant and proven expertise in the development of System Security Authorization Agreements (SSAAs) and in providing accreditation stewardship in accordance with required DITSCAP/DIACAP processes for many DoD applications. To this end, Team RiVidium develops/updates and delivers DIACAP documentation packages depicting system security and any proposed architecture changes with all necessary artifacts required to validate compliance with DoD 8500.2 IA controls. Our process starts with defining the system and its boundaries. Then, we develop or update all the engineering diagrams for networks, system architecture, data flows, software/hardware inventory, etc. to assure that all artifacts necessary for a seamless accreditation effort and its associated IV&V are present. This is followed with a risk assessment and development of the security plan.

RiVidium conducts the end-to-end process and documentation updates, security assessment support, remediation activities, and mitigation validation support required to ensure a successful Certification and Accreditation process; these result in the approval of an Authority to Operate (ATO) by the DAA. Our team fully understands the timelines, procedures, and protocols associated with an Authority to Connect (ATC), Interim Authority to Operate (IATO), Interim Authority to Test (IATT) and ATO, and will meet or exceed the associated goals for this program. We also have proven expertise and processes relating to DODI 8520.2

Back to the Top