PCSA Group consultants can help you achieve compliance with the Federal Information Security Management Act (FISMA). We have extensive experience both with civilian organizations and DoD agencies using NIST 800-53 and NIST 800-171 requirements.

Our services include:

  • FISMA Gap Assessment – conduct a pre-compliance readiness assessment.
  • Information System Inventory – assist with defining and documenting the system inventory.
  • Risk Categorization – document the risk categorization according to FIPS 199 “Standards for Security Categorization of Federal Information and Information Systems”.
  • System Security Plan (SSP): create and maintain an SSP.
  • Information System Security Plan (SSP): select and document controls according to NIST SP 800-53 requirements.
  • Risk Assessments: define and document the risk assessment in a Risk Assessment Profile (RAP) document.
  • Certification and Accreditation: implement initiation and planning, certification, accreditation, and continuous monitoring.