This paper examines SRA International, Inc., a corporation that provides information technology solutions to the U.S. federal government across national security, healthcare, civil government, and public health sectors. The discussion analyzes why SRA chose to partner with federal agencies, defines open source intelligence (OSINT) and its relationship to national security, and identifies examples of critical infrastructure. It also evaluates the importance of interoperability between federal agency systems, provides an overview of the Government Information Security Reform Act (GISRA), and compares it to the Federal Information Security Management Act (FISMA). The paper concludes by assessing the suitability of the FISMA compliance model for federal information security programs and identifying persistent weaknesses in agency information systems.
SRA International, Inc. plays an important role in serving the people of the United States by providing the federal government with information technology (IT) solutions across multiple sectors, including national security, healthcare, civil government, and public health. Several factors likely motivated SRA's decision to work with federal government departments and agencies:
This strategy has proven sound, as SRA is assured of a stable future customer base and revenue stream. The company's access to classified information also gives it a competitive advantage over other firms that might seek to offer similar services.
Before analyzing the security regulations governing federal information systems developed and maintained by SRA, it is important to understand some of the foundational technologies used to gather intelligence and counterintelligence from various sources. This leads to an examination of open source intelligence.
Open source intelligence (OSINT) can be defined in several ways. It is generally understood as information that is considered unclassified and may originate from overt, non-clandestine sources (Best, 2007). The Intelligence Community uses the term to refer to information that is available to the general public and can be obtained lawfully through request, observation, or purchase (Intelligence Community, 2006). It is therefore important that the acquisition of open source intelligence conform to applicable copyright regulations and requirements.
As outlined by Sands (2005), open source intelligence falls into the following categories:
Open source information includes, but is not limited to, the following:
OSINT is a significant enabler of national security (CSS, 2008). Its benefits are numerous. The low cost of using OSINT makes it particularly well-suited for data collection, as it is far less expensive than gathering information through classified methods. High-resolution imagery available through tools such as Google Earth is a prime example of open source intelligence in action, eliminating the need to invest in costly satellite equipment and installations. Information gathered through OSINT can also be used to inform the general public about serious threats to national security.
Open source intelligence is also of considerable importance to private businesses. Although the information is technically unclassified, it is often treated as proprietary because it may contain financially sensitive data that is legally protected and has the potential to cause significant harm if disclosed improperly (Sands, 2005).
The definition of critical infrastructure has undergone significant evolution over time. U.S. public policy definitions have often been both evolutionary and ambiguous (CSR, 2004). Much of the debate centers on the adequacy of public resources, which have long been observed as deteriorating and insufficient.
A useful definition can be drawn from a report by the Council of State Planning Agencies, which defines infrastructure as the broad set of public facilities and equipment required to provide social services and support economic activities in the private sector (Vaughan and Pollard, 1984). These facilities and equipment include: