|
PRIVATE SECTOR
Healthcare Industry
Financial Industry
Insurance
Accounting
Our clients have asked us to assist with:
- Email security process management
- Regulation compliance
- Identify Intellectual Property protection
- Identity Management Assessment
- Network Security
- Application security
- Secure remote access deployment
- Define Policies & Procedures
|
- Privacy
- Short term CSO function
- Alignment with best practices
- Entire security lifecycle management
- DMZ Architecture
- OS security and standardizing
- Secure wireless deployment
|
PUBLIC SECTOR
Security services for the public sector include
--Information Systems Security
--NIACAP Services
Information Systems Security
OutSecure's approach encompasses the project's entire lifecycle and is broken down as follows:
--Discover Information Protection Needs
--Define Systems Security Requirements
--Design System Security Architecture
--Develop Detailed Security Design
--Implement System Security
--Assess Information Protection Effectiveness
NIACAP Services
This National Security Telecommunications and Information System Security
Instruction (NSTISSI) defines the National Information Assurance Certification and
Accreditation Process (NIACAP). The NIACAP establishes a standard national process, set of activities, general tasks, and a management structure to certify and accredit systems that will maintain the information assurance (IA) and security posture of a system or site.
OutSecure NIACAP services are designed to certify that information systems meet documented certification & accreditation (C&A) requirements and will do so through the entire system life cycle Certification and Accreditation (C&A) is a management process by which the risk of operating a system is identified and reduced to acceptable levels relative to the value and sensitivity of the system.
A formal decision to operate is made by a manager who can be held accountable for the security and performance of the system. The Office of Management and Budget (OMB) requires agencies to accredit all federal IT systems, and to report quarterly and annually on overall C&A progress. Furthermore, OMB and GAO have both indicated their intent to increase the level of scrutiny paid to the quality of agencies' C&A deliverables.
.
Our solutions are based on standardized federal government processes including:
NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems
National Information Assurance Certification and Accreditation Process (NIACAP)
We deliver the NIACAP solution in the following phases:
Phase 1 - This is the SSAA definition Service
Phase 2 - Verification Service
Phase 3 - Validation Service
Phase 4 - Post Accreditation Service.
OutSecure will assist agencies with all phases of their their certification and accreditation (C&A) planning to comply with all government regulations and guidance, including OMB A-130, Appendix III and National Information Assurance Certification and Accreditation Process (NIACAP).
We help with initial C&A program planning, system and application owners with C&A life cycle implementation, and auditors with compliance assessment. Specifically, Our C&A support services include the following:
:
- C&A Program Development Support. We assist agency security managers establish a C&A program. Our expert information security consultants help select the appropriate federal C&A standards and requirements.
- Life Cycle Certification Support. We provide system and application owners with tailored, full-service support during all phases of certification: Phase 1 (Definition), Phase 2 (Verification), Phase 3 (Validation), and Phase 4 (Post-Accreditation).
- Certification Audit Support. Our Team helps inspectors general or designated approving authorities perform certification assessments of agency systems in accordance with DITSCAP, NIACAP, or OMB A-130.
|
