PRODUCED AND DEVELOPED BY IMPRIMIS INC
NIST 800-171 and NIST 800-53 DSS DAAPM PACKAGES AND SERVICE OPTIONS
A highly structured approach to the cyber compliance process, supported by a suite of productivity tools (compliance software, i2Express packages, general report templates) and access to subject matter experts, yields more accurate results in much less time
… that is why we are …
BETTER. FASTER. CHEAPER.
We deliver Cybersecurity Solutions in a comprehensive “Services Suite” that leverages our IC2E Cybersecurity Compliance Essentials with our i2ACT-800 Software Tools to provide a complete NIST 800-171 or NIST 800-53 DSS DAAPM Assessment. From there we add our i2Express Cybersecurity Compliance Packages, which deliver the completed Policies and Procedures, System Security Plan (SSP) and Plan of Action & Milestones (POA&M). The process is completed with a full set of recommendations and remediations, which can be combined with our Integrated Cybersecurity Sustainment Services (Continuous Monitoring, CISO Services, Vulnerability Scanning and Training) for long-term compliance.
NIST 800-171 and NIST 800-53 DSS DAAPM ASSESSMENTS
Imprimis provides NIST 800-171 and NIST 800-53 DSS DAAPM Assessment packages which combine the i2ACT-800s or i2ACT-800 Pro compliance tools with a complete assessment that can be performed either onsite or remotely. The packages offer a fast and cost-effective start to your cybersecurity compliance process.
NIST 800-171 Assessment Package
-
An established NIST 800-171 database within the i2ACT-800s.
-
An assessment report detailing compliance with the DFARS requirements.
-
A remediation plan detailing all noncompliant requirements and the general tasks that must be completed to become compliant.
NIST 800-53 DSS DAAPM Assessment Package
-
A DSS-established NIST 800-53 database within the i2ACT-800 Pro tool.
-
An assessment report detailing compliance with the DFARS requirements and specific DSS requirements.
-
A remediation plan detailing all noncompliant requirements and the general tasks that must be completed to become compliant with NIST 800-53 and the DSS DAAPM requirements.
i2 EXPRESS PACKAGES
Based upon Imprimis, Inc.’s experience in the cybersecurity compliance field, and on the need of Department of Defense contractors to quickly have completed NIST 800-171 assessments, Plans of Action and Milestones (POA&M), System Security Plans (SSP) and supporting Policies and Procedures (P&P), Imprimis has developed compliance packages to achieve those goals quickly while minimizing the expense.
These packages incorporate accepted cybersecurity principles and “Best Practices” that can greatly reduce remediation costs and the time it takes to reach compliance. They allow DoD contractors to reach these compliance milestones, and to be eligible to compete for contracts, in as little as one month.
PLAN OF ACTIONS AND MILESTONES (POA&M) EXPRESS PACKAGE
The POA&M Package was developed by Imprimis so that remediation tasks and actions identified as needed during the assessment can quickly be included and scheduled in the POA&M and inserted into a Microsoft Project worksheet.
These tasks collectively define the plan that will support the client to move from the current configuration to a fully compliant state.
-
Provide the customer a tailored POA&M which will include all remediation activities which need to be completed for full compliance
-
If requested, Imprimis will lead facilitated meetings with customer to define options, including cost and implementation lead times, to achieve the final schedule for all tasks.
-
The customer will make the decisions on key elements, including the network changes required, key technology/system selections (such as multi-factor authentication, backup, monitoring and scanning products), and the final schedule, based on the customer’s needs and the resources available.
DELIVERABLES
-
Customer POA&M in MS Project or Excel (the same format can be imported into open-source project management tools)
I2ACT NIST 800-171 SYSTEMS SECURITY PLAN (SSP) EXPRESS PACKAGE
Utilizing the i2ACT SSP Template and working closely with the customer, a NIST 800-171r1 and DFARS compliant SSP will be developed as follows:
-
System definition including diagrams and hardware/software inventories
-
Identification of the customer’s management organization with responsibility for protecting the business, Information Technology, and Controlled Unclassified Information (CUI)
-
Risk analysis/assessment
-
Inclusion of the most current NIST 800-171 assessment
-
Recommended inclusion of the customer’s Policies and Procedures and POA&M (If any controls are noncompliant, the POA&M is a required component of the SSP.)
DELIVERABLES
-
Draft customer SSP
I2ACT NIST 800-171 POLICIES & PROCEDURES (P&P) EXPRESS PACKAGE
More than 100 of the 110 requirements in NIST 800-171 call for governing policies and procedures. The Imprimis P&P document addresses this need and is designed to be adopted “as is”, requiring no changes. This package provides a direct mapping of NIST 800-171r1 requirements to the policies and procedures a company needs to implement to be compliant, with the added benefit of saving the money and resources typically spent developing P&Ps. Of course, the customer can modify or adjust the P&P at any time as they see fit.
A training briefing and video are included with this package, so all employees can immediately be trained on the adopted P&P.
Policies and Procedures Package includes:
-
Two separate documents – a Policy document and a Procedure document which allows for easy future additions/deletions
-
Facilitated review of the P&P package with the customer as
-
Incorporation of minor changes after customer review if necessary
-
Assistance with customer’s approval process for P&P adoption
-
Overview of the training briefing and video
-
A draft Incident Response Plan (IRP)
Note: This P&P Package does not include completely customized P&P preparation, re-writing of existing customer policies and procedures, or actual training of employees.
DELIVERABLES
-
Final tailored P&P package
I2ACT NIST 800-171 & NIST 800-53 DSS DAAPM INCIDENT RESPONSE PLAN (IRP) EXPRESS
The purpose of the Incident Response Plan (IRP) is to plan, implement, and maintain a robust incident-handling capability for organizational information and operational systems. This capability covers preparation, detection, analysis, containment, eradication, recovery, and user response activities. The IRP Package will be prepared jointly with the client, taking into account their existing corporate culture, processes and IT knowledge base, and will provide the:
-
Establishment of the Cyber Incident Response Team (CIRT) which includes corporate management, the Chief Information Security Officer (CISO) and IT management and staff.
-
Definition of the process for responding to incidents.
-
Determination of the appropriate documentation and reporting to be included with incident responses.
Once the IRP is in place, the client is responsible for training their management and staff on incident response and for running mock incident response exercises several times per year.
Deliverable:
Final tailored Incident Response Plan
Sustainment Support Descriptions
Cyber Threat Monitoring & Prevention
Cyber Threat Monitoring & Prevention is a three-step process: Continuous Monitoring, Threat Analysis and Incident Response. Analysts perform ongoing reviews of alerts and logs; as potential threats are identified, Information Security analysts move into deeper analysis of the threat and then into remediation as required.
Continuous Monitoring
-
Monitoring of event logs; Security Information & Event Management (SIEM) alerts; the Vulnerability Management System; the Anti-Virus/Anti-Malware system; and other Information Security tools, with analysts manually reviewing the output to identify Information Security threats
Cyber Threat Analysis
-
Evaluate and escalate as required any alerts generated by the systems above where an Indicator of Compromise (IOC) corresponds to events within the monitored intranet.
Incident Response Services
-
Respond in accordance with governing policies and procedures, the SSP, and information security best practices to actual incidents, providing technical advice, forensic analysis, and remediation recommendations/services.
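As an added illustration of the analysis step in the three-step process above (this is example code written for this page, not Imprimis tooling or any i2ACT product), the script below correlates a constructed Indicator of Compromise (IOC) list against constructed log lines and escalates only those hits that involve a host inside the monitored intranet. The key=value log format, the 10.0.0.0/8 intranet range, the IOC values (TEST-NET addresses, made-up domains and a dummy SHA-256) and the log lines themselves are all assumptions made for the example; an allowed connection or an executed binary is escalated, while a hit that a control already blocked is recorded as informational.

```python
"""Added example: IOC correlation over event logs (not Imprimis or i2ACT code).

Assumptions (constructed for this example): IOCs are a flat list of IPs,
domains and SHA-256 hashes; firewall/DNS/EDR events arrive one per line in a
simple key=value format; the monitored intranet is 10.0.0.0/8.
"""
import ipaddress
import re
from dataclasses import dataclass

# Constructed IOC feed (TEST-NET addresses, made-up domains, dummy hash).
MAL_HASH = "a" * 64
IOCS = {
    "ip": {"198.51.100.23", "203.0.113.77"},
    "domain": {"update-check.example", "cdn.example.net"},
    "sha256": {MAL_HASH},
}

# Constructed sample events. Line 3 is a DNS query for a subdomain of an IOC,
# line 5 is a connection to an IOC address that the firewall already denied,
# line 6 is noise that does not parse.
SAMPLE_LOGS = f"""\
ts=2024-03-01T10:00:01Z src=10.0.0.5 dst=198.51.100.23 dport=443 action=allow
ts=2024-03-01T10:00:02Z src=10.0.0.6 dst=93.184.216.34 dport=80 action=allow
ts=2024-03-01T10:00:03Z host=ws07 event=dns query=mail.UPDATE-CHECK.example
ts=2024-03-01T10:00:04Z host=ws09 event=proc sha256={MAL_HASH} image=x.exe
ts=2024-03-01T10:00:05Z src=10.0.0.5 dst=203.0.113.77 dport=22 action=deny
garbage line that does not parse
"""

INTRANET = ipaddress.ip_network("10.0.0.0/8")  # assumed monitored range
KV_RE = re.compile(r"(\w+)=(\S+)")


@dataclass
class Alert:
    line_no: int
    ioc_type: str
    ioc: str
    host: str       # the internal party involved in the event
    severity: str   # "escalate" (allowed/executed) or "info" (blocked)
    raw: str


def parse_log_line(line):
    """Return the key=value fields of a line, or None if it is not an event."""
    fields = dict(KV_RE.findall(line))
    return fields if "ts" in fields else None


def _internal(addr):
    try:
        return ipaddress.ip_address(addr) in INTRANET
    except ValueError:
        return False


def _domain_hit(query, domains):
    """Case-insensitive match of a query against an IOC domain or its subdomains."""
    q = query.lower().rstrip(".")
    for d in domains:
        if q == d or q.endswith("." + d):
            return d
    return None


def correlate(lines, iocs=IOCS):
    """Match every parsed event against the IOC list; return the resulting alerts."""
    alerts = []
    for n, raw in enumerate(lines.splitlines(), 1):
        ev = parse_log_line(raw)
        if ev is None:
            continue
        # Only events that touch the monitored intranet are actionable here.
        internal = ev.get("host") or next(
            (a for a in (ev.get("src"), ev.get("dst")) if a and _internal(a)), None)
        if internal is None:
            continue
        sev = "info" if ev.get("action") == "deny" else "escalate"
        for key in ("src", "dst"):
            if ev.get(key) in iocs["ip"]:
                alerts.append(Alert(n, "ip", ev[key], internal, sev, raw))
        if "query" in ev:
            d = _domain_hit(ev["query"], iocs["domain"])
            if d:
                alerts.append(Alert(n, "domain", d, internal, sev, raw))
        h = ev.get("sha256", "").lower()
        if h in iocs["sha256"]:
            alerts.append(Alert(n, "sha256", h, internal, sev, raw))
    return alerts


def escalations(alerts):
    """The subset an analyst must pick up for deeper analysis."""
    return [a for a in alerts if a.severity == "escalate"]


if __name__ == "__main__":
    for a in correlate(SAMPLE_LOGS):
        print(f"line {a.line_no}: {a.severity:8} {a.ioc_type}={a.ioc} host={a.host}")
```

Run against the constructed sample, the script raises four alerts and escalates three of them; the denied connection on line 5 stays informational because the firewall already contained it, which is the distinction an analyst uses to prioritize the queue.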
Annual Reassessment Services
An assessment will be performed annually to ensure full compliance with NIST 800-171, and a POA&M will be developed if necessary.
Supply Chain Support
Supply chain support will include 1) making all subcontractors and suppliers aware of CUI, educating them how to deal with CUI and comply with cybersecurity requirements, 2) working with key members of the supply chain to ensure that they are in compliance or assist them in becoming compliant, 3) monitoring the supply chain to ensure continued compliance.
Crisis Incident Response Services
Respond in accordance with governing policies and procedures, the SSP, and information security best practices to actual incidents that have significantly affected an organization’s ability to operate (e.g., the 2017 NotPetya attack that disrupted FedEx) by providing on-site/remote technical advice, forensic analysis, and remediation recommendations/services.
Ongoing Cybersecurity Advisory Services
Provide advisory services during sustainment to support continuous improvement. Support information security testing and exercises as required. Provide support as required to remediate cyber security issues.
Recurring Training
Provide recurring training for all employees and additional role-based training for IT and cyber security personnel.
CISO / Risk Management Advisory Services
Provide the services of a very senior subject matter expert to act as the CISO or Interim CISO, or to advise the Chief Information Security Officer (CISO), the corporate risk management executive, and senior management regarding cyber-based risks, providing senior management with recommendations to remediate deficiencies and strengthen overall cybersecurity and risk management.
Additional Service Options
Scanning
Complete compliance actions typically include vulnerability scans, penetration tests, and Red Team Assessment Validations. Imprimis provides packages for these service options as follows:
Vulnerability Scans – Vulnerability scans are recommended sometime during or immediately after the assessment process so that vulnerabilities can be identified and addressed during the remediation process.
-
A complete vulnerability scan and scan report outlining all identified system and network vulnerabilities.
-
Penetration Testing – Penetration tests are recommended after the assessment and remediation process to ensure compliance with the Defense Industrial Base Information Sharing and Analysis Center (DIB ISAC) CyberVerify requirements, as due diligence to further validate the strength of a company’s cybersecurity posture.
-
A penetration test report will provide a summary of what testing was completed, the scan report, test results, and recommendations for corrective actions.
-
A follow-up penetration test can be performed, if necessary.
Red Team Compliance Verification
Red Team Compliance Verification – An independent, objective Red Team Compliance Verification is recommended following the remediation process. Many companies, either to increase their competitive advantage or to satisfy certification requirements of Prime Contractors, elect to submit Red Team Assessment Validation findings to the DIB ISAC for review. The DIB ISAC will review the findings against their requirements and if the company is found to be compliant, the DIB ISAC will issue a CyberVerify certificate which can be used in proposals or be given to Prime Contractors as proof of compliance. NOTE: A third-party compliance verification is NOT required for compliance.
The Red Team Assessment Validation will:
-
Review the status of all DFARS requirements and assessment artifacts.
-
Annotate any remaining areas of non- or partial compliance.
-
Provide an audit report summarizing all findings, explanations and recommendations.
-
Allow for correction or remediation actions, if needed.
If compliant, the DIB ISAC will issue a CyberVerify certificate.
Services and Packages are not available for purchase through the online store. Package pricing varies depending upon company size, the number of users, end user devices, servers and networks. Call 719-785-0320 for your quote today!