PCSA Group consultants can help you achieve compliance with the Federal Information Security Management Act (FISMA). We have extensive experience with both civilian organizations and DoD agencies, working to NIST 800-53 and NIST 800-171 requirements.
Our services include:
- FISMA Gap Assessment: conduct a pre-compliance readiness assessment.
- Information System Inventory: assist with defining and documenting the system inventory.
- Risk Categorization: document the risk categorization according to FIPS 199 “Standards for Security Categorization of Federal Information and Information Systems”.
- System Security Plan (SSP): create and maintain an SSP.
- Information System Security Plan (SSP): select and document controls according to NIST SP 800-53 requirements.
- Risk Assessments: define and document the risk assessment in a Risk Assessment Profile (RAP) document.
- Certification and Accreditation: implement initiation and planning, certification, accreditation, and continuous monitoring.