How would security be designed and managed to ensure: (1) the adequacy of the initial security and (2) the maintenance of security at a high level through the life of the NIF program?
The design, assessment, mitigation and risk control processes of the security systems would comply with both the Federal Information Security Management Act (FISMA) and the guidelines provided by the National Institute of Standards and Technology. These standards and guidelines are designed to ensure the creation and maintenance of secure systems for the most sensitive U.S. government data. The system would not be implemented without the successful completion of a comprehensive security test and evaluation (ST&E) that determines the adequacy of the designed controls. The system's security would be assessed annually through the FISMA-required self-assessment, and every three years through the more rigorous ST&E process.