Home   |   Careers at IMSG   |  Login
IMSG Logo - I.M. Systems Group
About Us Core Competencies Products & Services News & Events Contract Vehicles
Products & Services FISMA Compliance
bulletProducts »
bulletPrograms »
bulletServices »
bulletAdvanced Algorithms
bulletApplication
Development
bulletCertification &
Accreditation (C&A)
Package Development
bulletClimate Change
Analysis
bulletCoastal Change
Analysis
bulletCoastal Ocean
Research
bulletCoastal Resource
Management
bulletContract Management
bulletCoral Bleaching
Response Plans
bulletData Analysis
bulletData Assimilation
bulletData Modeling
bulletData Visualization
bulletDatabase Development
bulletDisaster Recovery
(Environmental)
bulletEcological
Assessments
bulletEnvironmental
Assessments
bulletEnvironmental
Characterization
bulletEnvironmental
Forecasting
bulletFederal Information
Security Management
Act
bulletFishery Management
bulletFISMA Compliance
bulletGrants Management
bulletHabitat Mapping
bulletHabitat Restoration
bulletHelp Desk Support
(Tech Support)
bulletImpact Analysis
bulletInvasive Species
Detection
bulletLanduse Mapping
bulletMarine Protected Area
Design
bulletNetwork Administration
bulletPolicy Development &
Analysis
bulletReef Management
Strategies
bulletReef Restoration
Strategies
bulletRisk Assessment
bulletSatellite Applications
Research (STAR)
bulletSecurity Plan
Development & Updates
bulletShoreline Data
Development
bulletSocio Economic Impact
Analysis
bulletSoftware Development
bulletSpatial Data Analysis
bulletStressor Management
bulletSystem Testing &
Evaluation
bulletWeb Development
 
What an organization does to maintain good security operations is one thing, and many departments have the talent to be secure. But FISMA compliance presents an additional set of challenges -- challenges that force managers to focus on compliance paperwork.

While many security managers are eager to show the auditors their best practices in vulnerability scanning, patch management, and incident reporting, they are frustrated as auditors continue to focus on the paperwork, i.e., “Show me your documents.”

For the already over-tasked security manager or systems owner, this means:
Show me your...
bullet Security Plan
bullet Risk Assessment
bullet System Test and Evaluation (ST&E)
bullet C&A work plan
bullet Plan of Action and Milestones (POAM)

...and other documents that are supposed to provide written evidence that the agency is complying with the mandatory demands articulated in an evolving set of OMB circulars, FIPS Pubs, and NIST guides.

While it is not the intent of FISMA, the reality for many Federal managers is that security management has been relegated to document management. Many security managers and system owners have openly expressed that they are now spending more than 80% of their time producing, managing, and updating FISMA compliance documents.

A growing number of agencies have turned to IMSG to help them tackle the paperwork burden associated with FISMA compliance. IMSG provides the services of staff members who are experienced in both security management and FISMA compliance documentation. We equip our customers with a tool-enabled process that substantially reduces the paperwork burden.

Managers from each of these Federal agencies have reported that they received the highest grades on internal and external security reviews and FISMA compliance audits. These managers also report that they have now shifted their focus from the burdens of FISMA compliance paperwork to higher-value activities, such as enterprise architecture implementation, capital planning, and system life cycle development.

As Federal security policy and reporting requirements continue to change, our process enables agencies to rapidly respond to changes by making sure that their FISMA compliance documents are easily updated and always current. Our methods also enable managers to take a holistic approach, and tie together FISMA compliance security documentation with the Exhibit 300 and other Capital Planning and Investment Control (CPIC) reporting requirements.

Our commitment is to enable security managers and system owners to reduce their time spent on compliance paperwork. As we help free managers from the documentation burden, their time can be spent on higher-value activities.
Content Border
Privacy Policy Contact Us Site Map
Corporate Offices:   6309 Executive Blvd.     Rockville, MD 20852     866.368.9880     240.833.1889     937.427.9010
Headquarters:   3401 Bexhill Place     Kensington, MD 20895
© Copyright 2007. All rights reserved.