What is SAAfire?
SAAfire is a Security Assessment & Authorization (SA&A) app that has streamlined the NIST 800:53 (US) / ITSG-33 (CAN) assessment process to determine security posture across a collection of best practices, standards, and 18 security control families pre-tailored for electronic, digital, data, and material assets. It is a lean and fast means to assessing an asset, providing the base documentation for compliance.
SAAfire also provides an elaborated Statement of Sensitivity (SOS) on data on its own or as handled by an asset, before performing the current state and desired state of Strengths & Gaps (S&G), similar to a Security Requirements Traceability Matrix (SRTM).
SAAfire saves as you go and keeps a repository of reports for each assessment, and is the perfect solution for smaller government departments handling less sensitive information, or SMEs who are budget conscious and require agile security assessment solutions.
SAAfire does not use AI or allow uploads of data to ensure data protection. Saafire does not share or collect any data.
How Does Saafire Work?
SAAfire provides rated and prioritized questions that address condensed, but fulsome, security controls, to reveal gaps and deficiencies with the asset or its data. The SOS established the required control profile, and the S&G measures the current security posture against that profile, weighing the impact of an asset being destroyed modified, or lost or stolen. The data sensitivity table below shows the government and private sector categories and their descriptions.
| Data Sensitivity Level – Private Sector | Data Sensitivity Level – Government | Impact from disclosure could cause: |
|---|---|---|
| PUBLIC | UNCLASSIFIED | No potential injury or harm caused. |
| SENSITIVE | PROTECTED A | Injury to department, company or individual. Potential for injury or harm to individuals. |
| CONFIDENTIAL | PROTECTED B | Serious injury to department, company or individual. Potential for elevated injury or harm to individuals, or organization financial information. |
| RESTRICTED | PROTECTED C | Exceptionally grave injury to department, company or individual. |
| SECRET | Serious injury to the national interest. | |
| TOP SECRET | Exceptionally grave injury to the national interest. |
SAAfire is decision-based and provides only the assessment questions required for formulating the overall compliance and areas for improvement.
Results are presented in a comprehensive, downloadable PDF report that can be used to address vulnerabilities in order of priority. Additional tailoring can be requested from SAAfire.
Legal and Privacy/Copyright
Legal and Privacy
The information provided by this app is not intended as a substitute for professional assessment advice. For privacy reasons, this version is not AI enabled and does not require an account or login. By using this app, you acknowledge and agree that the app and its creators are not liable for any injury, loss, or damage resulting from your use of, or reliance on, the information provided. For privacy reasons, this version is not AI enabled and does not require an account or login. We do not collect, save, store, or analyze any personal, commercial, or competitive information.
Copyright Notice
You may not copy, reproduce, distribute, modify, display, perform, or create derivative works from any content in this app without prior written permission, except for personal, non-commercial use as permitted by law. Unauthorized use of this content may result in legal action.
© 2026 IVY – Ideological Violence and Youth Resource Network. All rights reserved.