One of the largest obstacles in the RMF process is producing the artifacts that support the implementation of your organization's selected security controls. Including all of the "Dash 1" security controls, our team will write all of the policies and procedures needed to validate your security controls. This service includes even the most technical of security controls as we will use your staff to assist us in producing artifacts that will support your system throughout its life-cycle.
All 18 of the NIST SP 800-53 security control families (with the exception of the PM security control family) will have policy (the dash one security control) and procedures (the rest of the applicable security controls in that family covered in our policy and procedure deliverable for each.
All 18 of the NIST SP 800-53 security control families (with the exception of the PM security control family) will have policy (the dash one security control) and procedures (the rest of the applicable security controls in that family covered in our policy and procedure deliverable for each.
Policies should be the standard. Policies are standards, directives and guidelines handed down to you from your senior level organizations. While these are more structured, the procedures your organization goes about complying with those policies is where the major tailoring occurs. Our team has a deep understanding in this area and will interview your staff to ensure those procedures are exact and comply with policy.