Contact Us: 301-523-3775

Federal Government Information Assurance

One of the most challenging issues facing the federal government today is IT security. Evolving threats place ever-increasing demands on federal agencies to secure their General Support Systems (GSS) or Major Applications (MA) and to have effective security policies that lead to the protection of sensitive data. For agencies, compliance with mandates and multiple regulations such as FISMA and FIPS is rapidly becoming a very visible requirement. NSIS personnel have over 12 years of experience assessing and implementing Information Technology security controls. Its core competence is in the following areas:

1. Federal Information Security Management Act (FISMA) Reporting

FISMA establishes greater management responsibility for information security and provides for significant oversight by the legislative branch. It is the primary legal basis of Federal IT security, aimed at reducing risks to an acceptable level for government-owned and government-operated systems. NSIS Information Security consultants provide the expertise and tools to implement and manage the IT security solutions necessary for FISMA assessment reports.

2. Federal Information Systems Control Audit Manual (FISCAM)

The Chief Financial Officer Act of 1990 requires the Office of Management and Budget to prepare and submit to Congress a government-wide financial management plan. The objective of FISCAM is to audit the security controls on information systems which contain financial data. The general controls that are assessed consist of Agency Security Program Planning and Management (SP), Access Controls (AC), Application Software Development and Change Controls (CC), System Software (SS), Segregation of Duties (SD), and Service Continuity (SC). NSIS has extensive experience in security process and technology management, and in the essential methodologies required to meet the demands of FISCAM Audits.

3. Privacy and Data Sensitivity Assessment

This assessment identifies privacy issues that should be addressed during the various phases of the life cycle of federal IT systems and defines the process to be established for addressing those privacy issues throughout the life cycle.

4. Risk Assessment

This assessment determines the net negative impact of the exercise of vulnerabilities, considering both the probability and the impact of the occurrence. This assessment is essential for identifying risks, assessing risks, and identifying the steps to reduce risks to an acceptable level for federal IT systems. These actions enable Federal agencies to accomplish their missions by better securing the IT systems which store, process, or transmit information.

5. Security Self-Assessments

Annually, an SSA is performed to ensure that federal IT systems are in compliance with the latest requirements and synchronized with the most up-to-date security practices. It provides a mechanism to ensure that all requisite security documentation has been completed and updated with the latest system changes.

6. 800-53 Internal Security Control Review

Internal reviews comprise three major activities to ensure compliance with the security requirements of federal agencies and NIST:
  1. Security self-assessment
  2. Certification and accreditation review and analysis
  3. Intrusion testing

Latest News

1. NSIS partners with Nucore Vision, Inc. to perform Information Technology Assurance activities for the Department of Labor.

2. NSIS teams up with Landover, MD-based Heitech Services, Inc. to perform Certification and Accreditation assessment for the Department of Labor.