What an organization does to maintain good security operations is one thing, and many departments have the talent to be secure. FISMA compliance, however, presents an additional set of challenges: challenges that force managers to focus on compliance paperwork.
While many security managers are eager to show auditors their best practices in vulnerability scanning, patch management, and incident reporting, they are frustrated when auditors continue to focus on the paperwork: "Show me your documents."
For the already over-tasked security manager or systems owner, this means:
Show me your...
Security Plan
Risk Assessment
System Test and Evaluation (ST&E)
Certification and Accreditation (C&A) work plan
Plan of Action and Milestones (POA&M)
...and other documents that are supposed to provide written evidence that the agency is complying with the mandatory demands articulated in an evolving set of OMB circulars, FIPS Pubs, and NIST guides.
While it is not the intent of FISMA, the reality for many Federal managers is that security management has been relegated to document management. Many security managers and system owners have openly expressed that they are now spending more than 80% of their time producing, managing, and updating FISMA compliance documents.
A growing number of agencies have turned to IMSG to help them tackle the paperwork burden associated with FISMA compliance. IMSG provides the services of staff members who are experienced in both security management and FISMA compliance documentation. We equip our customers with a tool-enabled process that substantially reduces the paperwork burden.
Managers from these Federal agencies have reported that they received the highest grades on internal and external security reviews and FISMA compliance audits. These managers also report that they have shifted their focus from the burden of FISMA compliance paperwork to higher-value activities, such as enterprise architecture implementation, capital planning, and system development life cycle work.
As Federal security policy and reporting requirements continue to change, our process enables agencies to rapidly respond to changes by making sure that their FISMA compliance documents are easily updated and always current. Our methods also enable managers to take a holistic approach, and tie together FISMA compliance security documentation with the Exhibit 300 and other Capital Planning and Investment Control (CPIC) reporting requirements.
Our commitment is to enable security managers and system owners to reduce their time spent on compliance paperwork. As we help free managers from the documentation burden, their time can be spent on higher-value activities.
Contact IMSG for a demonstration of our FISMA compliance tools and services.
Point of Contact: Bob Fritschie, fritschier@imsg.com, (937) 427-9010