Policy Development Please Follow Instructions W
This is an assignment for work, please write about the services we provide and how we would be able to use them for the company NOAA, my company name is technuf here is our website
http://technuf.com/portfolio_items/cybersecurity/
The contractor is expected to provide diverse Cybersecurity and Information Assurance (IA) services that enforce, comply with, and support the Federal Information Security Management Act (FISMA) cybersecurity and IA security directives, Department of Homeland Security (DHS), DOC, and NIST policies and procedures. Cybersecurity and IA include a wide-range of technical, functional, and
managerial services necessary to ensure the secure operation of systems. Cybersecurity and IA services include, but are not limited to:
· policy development;
· security technical assessment;
· insider threat assessment;
· security architecture development;
· security engineering;
· certification and accreditation;
· and security compliance.
The work may also include support for development, administration, and ongoing execution of a security program for all NOAA facilities and systems. Effective execution and implementation of security services enables satisfactory returns on enterprise and Staff and Line Office investments in security activities. The contractor is expected to support NOAA in the following Security Services objectives:
· transform security management from a compliance model to proactive management utilizing the risk management framework;
· perform and support Assessment and Accreditation (A&A) activities and continuous monitoring on NOAA’s various FISMA Systems;
· operationalize the means and ability to detect, record, analyze, report and act upon security incidents, and minimize the probability of occurrence by applying intrusion testing and active monitoring;
· develop the capability to systematically collect and analyze information on new threats and vulnerabilities
· and communicate and implement prompt and adequate mitigating controls.
3.1.6.2 Provide security services with the following supporting requirements:
· Support the security of NOAA personnel information. This includes supporting compliance with the Homeland Security Presidential Directive (HSPD-12) for a common identification standard for Federal employees and contractors;
· Integrate security processes into other IT or business processes, such as patch and configuration management, identity and access management, hosting, storage management, and remote access;
· Provide security services at the application level to include, but not limited to: application IT
· security best practices and application scanning;
· Offer solutions for Digital Signature Authority Services (such as for document signing and website certifications) for the NOAA enterprise and its Staff and Line Offices that are not addressed under Homeland Security Presidential Directive-12 (HSPD12) to include Personal Identity Verification-Interoperable (PIV-I)s.
· Specific cybersecurity and IA requirements and services will be identified in the individual task