Compliance and Security Audits: DSS Contractor Classified System Assessment and Mitigation Strategy

The journey to compliance is simple when partnering with America’s Security Corporation. Our cybersecurity professionals are knowledgeable about NIST standards, CNSSI, and DSS requirements. We offer the following:

  • Consulting – We will counsel on system architecture and documentation of the environment and security control implementations. We will develop the System Security Plan (SSP), Policies and Procedures, Rules of Behavior, Incident Response Plan, IS Contingency Plan and other necessary system documentation to satisfy security controls.
  • Security Controls Assessment – ASC will assess security controls and develop the required ATO documentation, including a Security Assessment Plan (SAP) and Security Requirements Traceability Matrix (SRTM), and will document assessment results in a Security Assessment Report (SAR).
  • Continuous Monitoring – We will help with any monthly, quarterly, or annual continuous monitoring needs to maintain the customer’s system authority to operate. We will assist with the major milestone activities customers need to complete their annual assessments, including the following:
    • Controls and enhancements that have organization-defined operational frequency
    • Controls and enhancements less than 3 years, including those that are at varied timeframes (e.g. hourly, daily, monthly, quarterly) and continuous
    • Controls NIST and DSS have determined are critical to protecting the information system
    • Controls NIST and DSS have determined necessary to ensure continued operation and implementation of the control as intended, based on the NIST definition of volatility
    • Review and update, as required, the System Security Plan (SSP) and attachments
    • Conduct Incident Response Plan Test and provide the Incident Response Plan Test Report
    • Conduct Contingency Plan functional test and include the Contingency Plan Test Report
    • Complete the Annual Assessment Security Assessment Plan (SAP)
    • Conduct testing
    • Complete Annual Assessment Security Assessment Report (SAR)
    • Complete the Plan of Action and Milestones (POA&M)
    • Submit the complete Annual Assessment package, including the SAR and attachments, updated SSP and attachments, updated SAP, and POA&M to DSS PMO or Agency AO