Your Trusted Partner For Improved Security & Privacy

Wednesday, July 23, 2008
  

JD Biggs & Associates, Inc. has produced four (4) Security & Privacy charts to address FISMA compliance, Risk Assessment, Certification & Accreditation (C&A), and C&A lifecycle of Major Applications and General Support Systems.  These charts are based on the National Institute of Standards and Technology (NIST) Special Publications, Federal Information Processing Standards (FIPS) and OMB Memorandums. 

 

FISMA Compliance

The OMB and NIST standards for information systems are continuously evolving, and JDBiggs & Associates, Inc. has the experience necessary to meet the criteria mandated by the Federal Information Security Management Act (FISMA). Our consulting staff reduces the complexity of developing security and privacy program documentation for Major Applications (MA) and General Support Systems (GSS).

View our FISMA Chart

  
C&A Lifecycle

Certifying and accrediting systems throughout the lifecycle to support the development of security artifacts for a Major Application (MA) or General Support System (GSS) is time-consuming, resource-intensive and moderately expensive. JDBiggs & Associates has developed a C&A Lifecycle Methodology that applies to systems in development, systems in production and those systems experiencing significant change annually. This methodology places the ownership of responsibility on the stakeholders for a specific security artifact: System Security Plan (SSP), Privacy Impact Assessment (PIA), Contingency & Disaster Recovery Plan (C&DRP), and Security Test & Evaluation (ST&E).

View our C&A Lifecycle Chart

  
Risk Assessment

Performing a risk assessment on an MA or GSS in accordance with NIST Special Publications is challenging, resource-intensive, and time-consuming for most organizations. JDBiggs & Associates, Inc. is a leader in calculating risks, identifying vulnerabilities, and developing a Plan of Action and Milestones (POA&M) to mitigate those risks. Our SPA&V Chart is a methodology based on NIST standards and can be used to measure the performance of internal and external resources.

View our SPA&V Chart

  
Training and Awareness

Security Education, Training and Awareness is critical to maintaining the Confidentiality, Integrity and Availability of Major Applications and General Support Systems and to enforcing Enterprise Security Program Standards. JDBiggs & Associates offers the following training services:

  • Annual FISMA Compliance
  • Agency Security Program & Policies
  • Certification & Accreditation
  • Risk Assessment
  • Security Categorization
  • Plan of Action & Milestones
  • Security Test & Evaluation
  • C&A Lifecycle
  
Certification & Accreditation

Performing a Certification and Accreditation (C&A) on an MA or GSS using the JDBiggs & Associates methodology as defined in our C&A Chart is a NIST-compliant process. Our security & privacy consulting professionals apply these charts along with internal Agency policies in delivering an up-to-date C&A package that stakeholders, System Owners, Designated Accrediting Authority, and Information System Security Officers have reviewed and accepted.

View our C&A Chart

  
Copyright 2000-2007 by JDBiggs & Associates, Inc.