Description of Products and Services Provided to Customer
At the Department of Health and Human Services, Enlightened is currently tasked with the following:
- Providing IT security support to perform a FISMA audit of each of the QIO facilities, consisting of 53 contractors including 58 separate physical sites.
- Performing project management and quality assurance oversight including, but not limited to, conducting status meetings and submitting weekly/monthly status reports.
- Documenting the existing security posture and the level of FISMA compliance of each QIO site and identifying deficiencies in the security posture according to the National Institute of Standards and Technology (NIST) 800-53, Recommended Security Controls for Federal Information Systems.
- Categorizing the weaknesses (low, moderate, high), providing recommendations for security improvement, and identifying associated costs required to bring the QIO community into FISMA compliance.
- Conducting a white-hat (non-intrusive) vulnerability assessment using Nessus and Nmap.
Outcome/Value/Benefit to Customer
Through our contract with CMS for the FISMA efforts, we are able to obtain a unique understanding of the security deficiencies of the organization, while also identifying methods of increasing the effectiveness of their security infrastructure.
Enlightened’s IA expertise allows CMS to maintain an effective security posture by keeping up to date on recent vulnerabilities and changes in infrastructure and by identifying any new security weaknesses.