From systems design and implementation to information assurance, cyber security, and program management we assist in solving technical challenges.
We provide analysis, design, and the implementation of IT networks, databases, and web based applications. Our IT services are administered by highly qualified IT subject matter experts who provide highly reliable service and solutions, which includes help-desk, desktop, network, and server support. This expertise extends to the installation and configuration of databases, Database/Web backup and recovery, new technology integration for application software.
Our processes call for detailed analysis to ensure that our Customer’s;
1) System requirements have been completely and properly identified.
2) Performance requirements derived from the Initial Capabilities Document (ICD) are defined and testable.
3) Requirements are consistent with cost, schedule, risk, and technology readiness constraints.
We track all of the requirements through each phase of the life-cycle to ensure the requirements are addressed. Our process applies assessment checklists to track and verify requirements from pre-award through the end of the program life-cycle, which include but are not limited to the System Requirements Review (SRR), Preliminary Design Review (PDR), and Critical Design Review (CDR).
Our certified engineers and technicians assist our Customers in the Risk Management Framework (RMF) process that integrates information security and risk management activities into the system development life cycle. This includes executing the RMF tasks concurrently as a part of system development life cycle processes, while taking into account the appropriate dependencies. We tailor the process for managing risk, which provides the flexibility to apply the risk management concepts associated with the RMF in a manner that is most suitable for the Customer’s organization and the information system involved. This includes monitoring the security controls in an information system while simultaneously tracking changes to the system and its environment of operation, conducting security impact analyses, taking remediation actions, reassessing security controls, and reporting the security status of the system.
We can assist in applying RMF steps 1-3 (Categorizing the Information System, Selecting Security Controls, and Implementing Security Controls) to legacy systems to determine if the necessary and sufficient security controls have been appropriately selected and allocated. If no weaknesses or deficiencies are discovered in the security controls during our analysis and there is a current security authorization in effect, the organization can move directly to the last step in the RMF, continuous monitoring. If our analysis discovers deficiencies, these deficiencies can be addressed in Steps 3 through 6 of the RMF process.
Our approach to providing accurate and timely life cycle security services is based on our knowledge of the RMF’s six step process; and understanding of Information Assurance (IA) processes and procedures for identifying, implementing, validating, certifying, and managing IA measures and services.