Information System Security Engineer (ISSE) services – ISG specializes in ensuring that your information systems are as secure as possible and that those systems undergo C&A/A&A processes as efficiently and as quickly as possible. ISG eases the burden of creating the artifacts needed to undergo security testing as well as preparing the systems for testing. The end state is your systems being more secure and gaining ATO status while giving Project Managers more time to manage effectively and giving developers more time to develop while ISG handles your project’s security needs.
A&A/C&A Documentation – ISG security engineers are experts at producing the documentation needed to attain an Authority to Operate (ATO) status for the systems that we support. This documentation includes System Security Plans (SSPs), Test and Evaluation Plans and Plans of Action and Milestones (POA&Ms).
Certification Testing – ISG’s Security Assessment Testers are well versed in using the latest assessment tools along with expert judgment to uncover vulnerabilities in a system’s security posture. This includes configuring policies and analyzing the results of scanning tools used to assess Operating Systems, databases and web applications for undiscovered vulnerabilities. The discovery and mitigation of these vulnerabilities leads to better protection of our customer’s valued cyber assets and the data contained therein.
Information Security Engineering – ISG specializes in ensuring that applications are designed with security in mind from the start. ISG helps its customers to understand and implement security best practices and to ensure that IT solutions are compliant with Federal Information Processing Standards (FIPS) guidelines. The end state of this security-focused engineering is better protected information systems, resource conservation and systems that more readily and successfully undergo C&A/A&A processes.