Information Assurance & Cyber Security

Assessment and Authorization (A&A):

Our team covers the entire cycle of the risk management framework from categorization, selection of security controls, implementation, assessing, authorizing, and continuous monitoring. We make sure that selected security controls are adequate, appropriate, implemented correctly and operating as intended, as defined in the NIST Special Publications 800-53 series.

Our team develops all kinds of supporting documentation, such as Security Assessment Reports, Security Assessment Plans, System Security Plans, Authorization to Operate (ATO) memorandums, Security Test & Evaluation, Risk Assessment Reports, Privacy Impact Assessments, and Agency-specific documentation.

Continuous Monitoring:

• Conduct Security Impact Analysis on proposed changes to the system

• Perform ongoing assessment of security controls, such as A123/Core annual assessment

• Configuration Management

Risk and Vulnerability Assessments:

We deliver risk and vulnerability management based on NIST Special Publications 800-37 rev1, 800-30, and Compliance Framework. Our experts are greatly skilled in vulnerability management solutions, including:

  • Risk assessments
  • Managing vulnerability assessments
  • Analyzing and prioritizing vulnerabilities
  • Remediation Support
  • Compliance audit

 

RMF/CAP Training:

This cybersecurity workshop prepares student for the Certified Authorization Professional (CAP) certification, including implementing the Risk Management Framework (RMF). We provide hands-on and lecture-based lessons to educate students on the RMF methodology.