NIST 800-171 and NIST 800-53 DSS AAPM PACKAGES AND SERVICE OPTIONS
A highly-structured approach to the cyber compliance process supported by a suite of very effective productivity tools in the form of compliance software programs, i2Express packages, multiple general report templates, and the availability of subject matter experts yield more accurate results in much less time
… that is why we are …
BETTER. FASTER. CHEAPER.
We deliver Cybersecurity Solutions in a comprehensive “Services Suite” that leverages our IC2E Cybersecurity Compliance Essentials with our industry-leading i2ACT-800 Software Tools to provide a complete NIST 800-171 or NIST 800-53 DSS AAPM Assessment. From here we add our i2Express Cybersecurity Compliance Packages, which deliver the completed Policies and Procedures, Systems Security Plan (SSP) and Plan of Actions & Milestones (POA&M). The process is completed with a full set of recommendations and remediations, which can be combined with our Integrated Cybersecurity Sustainment Services that include Continuous Monitoring, CISO Services, Vulnerability Scanning and Training for long-term compliance.
NIST 800-171 and NIST 800-53 DSS AAPM ASSESSMENTS
Imprimis provides NIST 800-171 and NIST 800-53 DSS AAPM Assessment packages which combine the i2ACT-800s or i2ACT 800 Pro compliance tools with a complete assessment which can be performed either onsite or remotely. The packages offer a fast and cost-effective beginning to your cybersecurity compliance process.
NIST 800-171 Assessment Package
An established NIST 800-171 database within the i2ACT-800s.
An assessment report detailing compliance with the DFARS requirements.
A remediation plan detailing all noncompliant requirements and the general tasks that must be completed to become compliant.
NIST 800-53 DAAPM Assessment Package
A DSS established NIST 800-53 database within the i2ACT-800 PRO tool.
An assessment report detailing compliance with the DFARS requirements and specific DSS requirements.
A remediation plan detailing all noncompliant requirements and the general tasks that must be completed to become compliant specific to NIST 800-53 and the DSS AAPM requirements.
i2 EXPRESS PACKAGES
Based upon Imprimis, Inc.’s experience in the cybersecurity compliance field, and the need of Department of Defense contractors to quickly have completed NIST 800-171 assessments, Plans of Actions and Milestones (POA&M), System Security Plans (SSP) and supporting Policies and Procedures (P&P), Imprimis has developed compliance packages to achieve those goals quickly while minimizing the expense.
These packages take into consideration accepted cybersecurity principles and “Best Practices” that can greatly reduce remediation costs and the time it takes to reach compliance. The packages allow DoD contractors to accomplish these compliance milestones and to be eligible to compete for contracts in as little as 1 month!
Sustainment Support Descriptions
Additional Service Options
Complete compliance actions typically will include vulnerability scans, penetration tests, and Red Team Assessment Validations. Imprimis provides packages for these service options as follows:
Vulnerability Scans – Vulnerability scans are recommended sometime during or immediately after the assessment process so that vulnerabilities can be identified and addressed during the remediation process.
A complete vulnerability scan and scan report outlining all identified system and network vulnerabilities.
Penetration Testing – Penetration tests are recommended after the assessment and remediation process to ensure compliance with the Defense Industrial Base-Information Sharing and Analysis Center (DIB-ISAC) CyberVerify requirements as due diligence to further validate the strength of a company’s cybersecurity posture.
A penetration test report will provide a summary of what testing was completed, the scan report, test results, and recommendations for corrective actions.
A follow-up penetration test can be performed, if necessary.
Red Team Compliance Verification
Red Team Compliance Verification – An independent, objective Red Team Compliance Verification is recommended following the remediation process. Many companies, either to increase their competitive advantage or to satisfy certification requirements of Prime Contractors, elect to submit Red Team Assessment Validation findings to the DIB ISAC for review. The DIB ISAC will review the findings against their requirements and if the company is found to be compliant, the DIB ISAC will issue a CyberVerify certificate which can be used in proposals or be given to Prime Contractors as proof of compliance. NOTE: A third-party compliance verification is NOT required for compliance.
The Red Team Assessment Validation will:
Review the status of all DFARS requirements and assessment artifacts.
Annotate any remaining areas of non- or partial compliance.
Provide an audit report summarizing all findings, explanations and recommendations.
Allow for correction or remediation actions, if needed.
If compliant, the DIB ISAC will issue a CyberVerify certificate.
Services and Packages are not available for purchase through the online store. Package pricing varies depending upon company size, the number of users, end user devices, servers and networks. Call 719-785-0320 for your quote today!