7389 Lee Highway, Suite 210, Falls Church, VA 22042
703.237.7370
            Login | Register

FISMA

Since its formation, Information Technology Company, LLC (ITC) has pioneered the way in solving clients' real world IT issues with quality of service and sound technology.

FISMA

Information Technology Company, LLC (ITC) provides Security Test & Evaluation (ST&E) services in support of Certification and Accreditation (C&A) requirements. The company helps prepare Federal Agencies for GAO or OIG information security audits, and provides agencies with in-depth reviews to assure GAO or OIG audit conformity.

Security Test & Evaluation (ST&E)

fisma-1ITC services offer a comprehensive assessment of the management, operational, and technical security controls in an information system to determine correct implementation, intended operating procedures and desired outcomes.   ITC aids agencies in their effort to achieve total system security by creating comprehensive, periodic evaluation plans including network vulnerability and infrastructure penetration assessments.

ITC specializes in pinpointing security deficiencies present in mainframe, server, LAN and application databases specifically related to user identification and authentication, authorization, boundary protections, cryptography, audit and monitoring, and physical security.


 

Proven Methodologies & Experi­ence

fisma-2ITC procedures involve examination of the agency’s total environment and correcting weaknesses in risk assessments, security policies and procedures, security planning, security training, system tests and evaluations, and remedial actions.

ITC combines technology, proven methodologies and experi­ence to help its customers reduce risk and achieve maximum security. The process is an aggressive evaluation of the agency’s information systems enterprise to ensure not only FISMA compliance, but total risk mitigation.

ITC follows procedures laid out in the Federal Information System Controls Manual (FISCAM) and standards published by NIST and DISA that evaluate the reliability of computer-generated data supporting financial statements or to evaluate the adequacy of controls in systems to help reduce the risk of loss due to errors, fraud and other illegal acts and disasters, or other incidents that cause the systems to be unavailable.

Have Questions?

    Your Name

    Your Email

    Phone Number

    Subject

    Your Message