Federal Information Security Management Act (FISMA) Review and Compliance Audits
This is a niche area of lifecycle expertise for Carson Associates, and it strengthens our IA practice through our understanding of the Federal compliance environment. We have been the U.S. Nuclear Regulatory Commission's (NRC) GISRA/FISMA vendor of choice for information security audits since the policy's inception in 2001. Many of Carson's clients have received high marks from the House Committee on Government Reform, Technology, Information Policy, Intergovernmental Regulations and the Census Subcommittee.
Carson Associates provides information security audit support as part of the FISMA requirement to conduct an annual independent assessment of an agency's information security program. Our audit services include a review of your information security policies, procedures, and agency self-assessments; examination of system owner information security practices and control techniques; vulnerability testing of mission-critical systems; evaluation of agency corrective action plans; and recommendations for information security improvement. We develop all the necessary compliance reporting documentation required by the Office of Management and Budget (OMB).
