Jump to Content

Special Access Required Management Information System ™ (SARMIS™)

SARMIS is a multi-user solution addressing today's security management needs with the entire team in mind. It is a modular product designed through an exhaustive process of reviewing and mapping the features and deficiencies of numerous legacy Special Access Program (SAP) management programs. SARMIS was designed to improve data standardization and commonality and expand the integrated set of features available to the end user. It tracks all relevant information associated with SAPs, to include the personnel accesses, program, facility and organization tracking, and SAP reporting and management functions. SARMIS specifically allows the import/export of data to/from other database programs, facilitates data output tailored to the user’s requirements and utilizes common programming standards.

Back to Top What is SARMIS™?

SARMIS is a CSCI product developed to facilitate the security management functions associated with oversight of Special Access Programs (SAPs). SARMIS is an e-business solution designed to track various aspects of the workplace, specifically with consideration to programs, program security, and facility security. This multi-level capable, compartmented, special access required solution integrates existing stovepipe tracking systems into a secure and distributed personnel information system. SARMIS will allow security personnel to automate many of their daily work processes by providing the ability to track security levels and accesses of people, facilities and SAP/SCI (Sensitive Compartmentalized Information) data under their supervision. It will also provide program managers a better view into how their programs are accessed, by whom, and where, especially for larger programs with many compartments and levels. It will allow sharing of data across multi-level security organizations while still performing according to security rules. SARMIS increases the effectiveness of the information security and SAP communities by providing the electronic, secure mechanism to accurately report, manage and track SAP accesses.

Back to Top Background

To date, there have been several news stories indicating that the Government has lost or compromised classified information. These security breaches have been due to a lack of following security processes. The Government and its contractors required a better way to track and protect their special access information. They also needed to better track user accesses to sensitive, special access programs and information so that they know exactly what has, or may have been, compromised.

Often the people with final oversight responsibility need to know what accesses are needed, who is performing activities at different locations, and what accesses each person requires at those particular locations. The number of people accessing sensitive data is in the thousands. There may be no easy, fast way to find out who has access to what information, the status of that access, and whether participants required briefings. Also, access permissions for a single individual can become a complex mix of varying program authorizations and classified information access levels at different locations depending on their responsibilities and authorizations at each site.

Accesses, clearance checks, and information tracking must be performed at many locations with diverse levels of security clearance. This function is performed by small, disparate groups of security personnel coordinating information amongst themselves. These security groups work at different locations and report to different organizations. The biggest hurdle is to be able to perform these functions in a secure manner. This means that data must be acquired at one or more central points and then spread back throughout the system while following proper security protocols.

Before SARMIS, there was no automated way to perform this security tracking. SARMIS not only automates security tracking, it ensures that the security data itself remains secure while being shared among those who need information or access.

Back to Top Capabilities
Table showing Capabilities of SARMIS™ Back to Top Approach
Management Approach
  • Obtain insight to the existing methodology of how clients conduct and manage business in the Special Access Program (SAP) arena
  • Increase the knowledge of the client with new methodologies and identify the advantages of the changing business structure
  • Determine project schedule for Integration, Installation and Testing
  • Migration of old data into new system, training and support/maintenance

SARMIS R1.0
incorporates all of the core features and functionality required to perform basic security management for SAP environments. The initial release of the product is a single server system. It contains the functional requirements in the single server requirements specification, but may be rolled back to an incremental delivery if needed. The initial release concentrates on the security officer as the end user while providing the functionality to track, add, and modify access records for people and facilities. It allows users to track/create paper records of items such as Briefings, Program Access Requests (PARs), visit requests and other receipts of actions. It allows users to monitor security subjects’ clearances, expiration and update actions and more. This release is a client/server application using Oracle Forms and Reports.

SARMIS R2.0
contains the Core functional structure along with a dynamic web-enabled interface with some improved and enhanced features and functionality.

Future Versions
Through the use of controlled interfaces, future releases of SARMIS will provide users of the system with 'need-to-know' data based on the roles of users, the security policies, Agency involvement and Program guidelines. SARMIS will be for the multi-tier server system with trusted databases to share data between organizations. The product will be upgraded to implement full ownership information and location access registries using mandatory access controls while integrating with CSCI's TII™ solution.

The SARMIS approach is to produce a high quality, e-business SAP solution with each new release that meets the requirements of secured environments while ensuring superior client satisfaction.

Back to Top