We collaborate closely with System Owners, Security Stakeholders, CISO’s and CIO’s to determine what security parameters are relevant for their organization. We develop, implement, and tune the continuous monitoring strategy and technical implementation. Our staff develops security centric data models, dashboards, and decision points for risk officials to make determinations for their enterprise systems.
We derive the relevant controls through the Selection process. Our staff is expertly knowledgeable of the NIST RMF. We perform categorization using FIPS 199 and 200. We are experts in Assessing information systems from traditional triennial certification processes, Annual FISMA reporting requirements, and ad hoc Assessments based on significant changes or critical vulnerabilities.