Certification, Accreditation, and Compliance Support

 
Noblis serves as a trusted, impartial link between Federal Agencies, industry vendors and systems integrators. Noblis cyber-security and Information Security (INFOSEC) engineers are familiar with the computing technologies and operating environments used by Federal Agencies. Noblis provides unbiased and objective cyber-security support, IT security architecture analysis services, Federal Information Security Management Act (FISMA) compliance, and Certification & Accreditation (C&A) support.

Noblis' overall knowledge of National Institute of Standards and Technology (NIST) guidance, its experience in applying that guidance, and its participation in developing NIST guidance make Noblis well positioned to provide full-scale Information Assurance support (as an "honest broker" and government force multiplier).

Noblis' cyber-security and C&A experience is extensive. Our INFOSEC engineers have many years of experience performing IT security architecture analysis services and C&A support for Federal agencies. As reflected in the following summary list of our capabilities, Noblis understands the critical missions these Federal systems support.

  • Development and management of robust OMB- and NIST-compliant IT security programs, which includes evaluating and assessing current cyber and information security processes, making recommendations on improving existing processes for securing information systems and related information, educating government staff members in, and guiding them through, the relevant Federal information system security guidance, and producing required documents and document templates
  • Development of all documentation necessary to meet the FISMA and NIST requirements, including System Security Plans (SSPs), Contingency Plans, Configuration Management Plans, etc.
  • Performance of security assessments of IT infrastructures and application systems processing Government information, including Government systems and commercial entities operating under Government contracts, in accordance with NIST and agency-specific policies, procedures, and guidelines.
    • Conduct of risk assessments, including recommending mitigation strategies to eliminate and/or reduce residual risks
    • Conduct of Security Test and Evaluation (ST&E) of information systems to determine that the required security countermeasures and controls are in place and operating as intended.
    • Conduct of vulnerability assessment of large, complex networking systems using multiple tools and techniques, including analysis of assessment results to choose likely vulnerable targets, verification of hypothesized vulnerabilities and demonstration by exploit, and generation of recommended mitigation strategies and corrective actions.

Noblis is fully versed in the new and emerging guidance concerning methods to safeguard Federal information and information systems. We have developed methods to gather the necessary information effectively and efficiently and to present it in a manner that meets the requirement, whether imposed at the Federal level or the agency level, in a time-efficient and non-intrusive manner. These skills include gathering information, executing security assessment tools and reviewing their results, developing the proper documents, and reviewing current processes to ensure they comply with governing guidance.

A summary list of our specialized Information Assurance skills includes:
  • Certification and Accreditation
  • Security Engineering and Architecture Analysis
  • Security Management
  • Security Training
  • Technical Assessments
    • Network Security
    • Application Security
    • Security Testing
    • Risk assessments
  • Requirements Analysis
  • Contingency planning
  • Cryptography/PKI
  • HSPD-12/PIV support
  • Security Program Oversight and Policy Development Support

In addition, we have special knowledge of the FISMA Act of 2002, NIST Special Publication 800 series guidance and the related Federal Information Processing Standards (FIPS), the Department of Defense Information Technology Certification and Accreditation Process (DITSCAP) and its transition to the more NIST-compatible Defense Information Assurance Certification and Accreditation Process (DIACAP), Director of Central Intelligence Directive (DCID) 6/3, and the National Information Assurance Certification and Accreditation Process (NIACAP).


Noblis, Inc. 3150 Fairview Park Drive Falls Church, VA 22042 703-610-2000   |   Copyright 2012 Noblis, Inc. All rights reserved.