Assesses organizational information systems against NIST SP 800-171 and/or DFARS 252.204-7012 for all CUI requirements.
Utilizes guidelines provided in NIST SP 800-171A.
Tailored to moderate and high impact systems as defined in FIPS Pub 199 and NIST SP 800-53.
Includes review/preparation of System Security Plan (SSP).
Systematic evaluation of policies, procedures, resources, and systems for all IT internal and functional systems.
Collaborative project team, consultants and key organizational members.
Six-step engagement:
- Project plan preparation
- Review of SSP
- Individual system assessment
- Identify opportunities for improvement
- Develop recommended steps for improvement
- Organization feedback/communication.
Covers all 14 Security Categories specified in NIST SP 800-171.
Distinct deliverables for each major engagement milestone.
Recommendations are prioritized based on impact and cost.
Client is presented with all testing results, as well as examination and interview summaries.
Usually takes 4 - 6 weeks, depending on work scope.
Systems typically included:
- Operating systems
- Security applications
- Email systems
- Communications applications
- Administrative systems
- Functional applications.
Pricing based on scope of engagement, typically $20K - $50K.
Documented NIST Compliance Assessment document delivered with all testing results and collected data.
NIST COMPLIANCE ASSESSMENT
NIST Compliance Assessments are a valuable tool in gauging an organization's security posture. For organizations providing services and information to the government, they are a must.
eQuorum’s comprehensive, yet easy-to-use Workflow and Document Management Software provides the solution to manage data - from design through manufacturing and production, to sales, support and administration.