INFORMATION ASSURANCE
From integration projects to Certification and Accreditation (C&A), ISHPI’s professionals possess complete life-cycle system security expertise for C5ISR and other mission-critical systems. We possess centuries of combined IA and cybersecurity experience, including guiding organizations to their ISO 27001 Information Security Management certification and securing Intelligence Community networks and systems. Our expert staff includes 8570.1-M certified Security Engineers, Certification Engineers (CEs), Information Systems Security Managers (ISSMs), Information Systems Security Engineers (ISSEs), Information Systems Security Officers (ISSOs), Information Systems Security Representatives (ISSRs), and Continuity Engineers.
- Experts in ISO 27001 (ISO/IEC 27001:2005) Information Security Management Standard (ISMS) and ISO 27002 (ISO/IEC 27002:2005) Information Security Standards
- CISSP, ISSAP, ISSEP, ISSMP, GIAC, XACTA, SBCI, CEH, and 8570.1-M certified IA professionals
- Supporting Department of Defense (DoD), the Department of Homeland Security (DHS), the Intelligence Community (IC), and Federal Agencies
- Experts in FISMA, FIPS 201/HSPD-12 (NIST 800-79), DIACAP, NIACAP, NISPOM, JAFAN, DCID 6/3, DoDIIS, HIPAA and C&A
- Authority on securing systems and networks in accordance with DIACAP, DCID, NIST, NISPOM, DoDIIS and other required federal, community and agency guidance
- Unique proficiency in transition planning for the new DNI/CNSS C&A process and policies (ICD 503)
INFORMATION ASSURANCE SERVICES
- Certification and Accreditation
- Defense-in-Depth/Defense-in-Breadth
- FISMA Compliance
- Risk Management (risk assessment, mitigation, response and recovery)
- Certification Testing
- ICD 503, DCID 6/3, DIACAP, HIPAA and NIST Policies
- Vulnerability Assessment Testing
- Cross Domain Solutions
- Unified Cross Domain Management Office (UCDMO) Process
- Information Sharing Solutions
- Proficiency in the United Kingdom Accreditation Service (UKAS) (UK C&A process)
- Proficiency in Australian C&A Processes
- Physical security (DCID 6/9, TIA, NIST)
- OPSEC
- Security Management
- Security Architecture and Models
- Telecommunications Security (WAN, MAN, VPN, remote access management)

CONTINUITY ENGINEERING SERVICES
- Continuity Engineering
- Policy Writing, Interpretation, Implementation and Compliance with:
  * NSPD-51 "National Continuity Policy"
  * NCS Directive 3-10 "Minimum Requirements for Continuity Communications Capabilities"
  * NCS Manual 3-10-1 (Implementation Manual for NCS D3-10)
  * National Continuity Policy Implementation Plan (NCPIP)
  * DHS Security Federal Continuity Directives (FCD 1 and FCD 2)
  * DoD 3020.42 Defense Continuity Plan Development
- Business Impact Analysis (BIA)
- Risk Management (Risk Analysis, Mitigation, Response and Recovery)
- Risk Analysis Methodologies
- Emergency Preparedness and Response
- Emergency Management Planning
- Defining Primary Mission Essential Functions and Mission Essential Functions