CMS Information Security and Privacy Group (ISPG), Adaptive Capabilities Testing (ACT)


IRIS Health Solutions is currently providing security control assessment services and subject matter expertise to The Centers for Medicare and Medicaid Services (CMS) under the CMS Security Assessment and Authorization Program, within the Information Security and Privacy Group (ISPG). As CMS transitions systems from the previous Security Controls Assessment (SCA) framework to the new Adaptive Capabilities Testing (ACT) framework, IRIS is performing Adaptive Capabilities Testing to ensure CMS systems meet all industry standards to obtain Authorization to Operate. IRIS assists CMS in validating appropriate controls on their information systems, identifies risks to assessed systems, and helps CMS understand the risks that the assessed systems and its environment pose to the CMS enterprise.


Program Management,  Project Management
About Us

IRIS Health Solutions has been delivering excellence and value to both commercial and Federal clients since 2006. IRIS has been at the epicenter of health IT transformation in the United States since its inception helping health organizations strategize, manage and build health IT systems and adjunct programs.

© 2024 IRIS Health Solutions LLC. All Rights Reserved.