Time and Talent

Cyber Security Services

The Federal Information Security Management Act (FISMA) of 2002 requires federal agencies to bring the level of security of their policies, IT systems, applications, databases and personnel training to strong 21st century standards.  FISMA requires compliance with industry best practices including the National Institute of Standards and Technology (NIST) for risk management, security control assessments, continuous monitoring and incident reporting. FISMA improves the confidentiality, integrity, and availability of federal information assets.

Dogwood understands FISMA requirements and the people, processes, and technologies required to ensure full compliance. Our FISMA compliance services identify gaps within the agency’s security program and the requirements of FISMA reporting and provides remediation actions for improving compliance.  Since the act was passed in 2002, we have assisted federal organizations with understanding FISMA, and by providing systems and services to help achieve marked improvements, if not full compliance via audited security scores.

Dogwood's service offerings in FISMA and Regulatory Compliance include:

  * Evaluating agency's existing security program and determining gaps with FISMA compliance
  * Developing quarterly and annual FISMA reports
  * Performing Enterprise Risk Assessments
  * Developing appropriate enterprise security policies and procedures
  * Translating FISMA requirements for operational systems
  * Developing and implementing processes for C&A compliance in accordance with NIST SP 800-37
  * Reporting on continuous monitoring activities for proper POA&M management
  * Reporting on status of FISMA requirements including risk assessments, POA&M status, security control assessments, and documentation requirements
  * Analyzing and recommending enterprise tools for FISMA compliance and reporting

We get results.

In 2004, Dogwood was responsible for The US Agency for International Development (USAID) being one of the first agencies to receive an "A+" in their annual information security audit, which we have helped them to repeat in 2005, 2006, 2007 and 2008.

Dogwood helped to develop the business continuity plan for the State of Louisiana's Department of Public Safety in Baton Rouge one year before Hurricane Katrina.

Dogwood helps government clients to achieve measurable, specific results.  What can we do for you?

Contact us