Security Compliance

Certification and Accreditation (C&A)

A process that documents, evaluates, tests, and authorizes an information system or major application in compliance with formal and established security requirements (i.e. FISMA). Secured Cyber has certified experts who fully understand, and have vast experience in, all phases of the C&A lifecycle and its methodologies, including DIACAP, NIST and ISO 27001. Whether writing C&A required documents, performing Security Tests and Evaluations (ST&E), or providing Certification Agent services, Secured Cyber is capable of delivering world-class C&A services.

Independent Verification and Validation (IV&V)

A process that checks that security measures (e.g. architecture, controls, policy) are in place, operating as intended, and have the desired outcome. Secured Cyber is experienced in both reviewing security measures (verification) and assessing security measures (validation). Our certified experts have experience in reviewing and assessing policies, system documentation, architecture configurations, and a wide spectrum of activities to assess the adequacy of physical, personnel, or system-level security controls, whether in place or planned.

Regulatory Compliance

Conforming with a law, regulation or compliance framework that has been clearly defined. Secured Cyber has certified experts with knowledge and experience in US and international laws, regulations and compliance frameworks. This knowledge and experience includes:

  • Federal Information Security Management Act of 2002 (FISMA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Control Objectives for Information and related Technology (COBIT)
  • National Institute of Standards and Technology (NIST)
  • Federal Information Processing Standards (FIPS) and Special Publications (SP)
  • International Organization for Standardization (ISO)