Service

Creation/Maintenance of Security Documentation and/or Procedures

Description

This service includes creating, updating and/or consultation on information protection processes and procedures (based on National Institute of Standards and Technology (NIST) 800-53 and any other applicable federal guidance). This service yields the required documentation for a new or continuously monitored system to prepare for a security control assessment. Key deliverables include:

  • System Security Plans (SSP)
  • Audit log monitoring procedures
  • Account Management Plans (AMP)
  • Incident Response Plans (IRP)
  • Information System Contingency Plans (ISCP)