(719) 785-0320

CONTACT 

  • Imprims Inc
  • Imprimis Inc
  • Imprimis Inc | i2ACT-800 Compliance
  • Imprimis Inc | i2ACT-800 Compliance

Customer Support: 

Sales Support: 

Technical Support: 

Colorado Springs, CO © 2018 Imprimis, Inc.         

i2 ACT PRODUCT OVERVIEW

Imprimis Assessment and Compliance Tools

 

Overview

 

Imprimis started the development of the Imprimis Inc. (i2) Assessment and Compliance Tool (ACT) for the NIST (SP) 800 standards in 2010 and the tool has gone through a number of releases and continues to evolve.  The tool is named  i2 ACT-800 (Imprimis Inc. Assessment and Compliance Tool) where the 800 refers to the NIST 800 special publication series of standards. The current release is version 3.6.1, and several major enhancements are underway for version 4.0 which is under development.  Additionally, Imprimis is preparing for the inclusion of the new CMMC (Cybersecurity Maturity Model Certification) being developed by DoD.  Designs and schedules will be finalized once the final version of CMMC is known.

 

There are multiple versions of the i2ACT-800.  The i2 ACT-800 Pro contains all the controls from the NIST 800-53 catalog of controls, NIST 800-171, DAAPM, and CNSSI 1253, and contains over 50 preconfigured baselines.  The second tool is the i2 ACT-800s which is dedicated to the NIST 800-171 standard required by the DFARS 204.73 regulations.  Imprimis also developed a rollup tool to allow the viewing and analysis of up to 100 separate assessments at any time.

 

The tools easily operate on laptops or desktops.  The tool is built on Microsoft Access but can run with SQL server if required.  The runtime version is used where possible so that no special software requirements are imposed on the use.  In addition, the tool is available in 2016 MSI (Microsoft Installer) 32 bit and 64-bit versions, and 2019 and Office 365 CTR (Microsoft Click to Run) in both 32- and 64-bit versions.

What are the Major Advantages of the i2ACT-800?

 

Originally, the i2ACT-800 was developed as a productivity tool to reduce the time required for assessments.  It was very successful at streamlining the process and minimizing labor.  But the tool has evolved resulting in three major benefits:

  1. Productivity Enhancement: The tool speeds the process and allows collaboration with multiple staff members, so assessments take a fraction of the time they previously did;

  2. Learning and Training: The tool contains many references and explanations of the cybersecurity requirements which allow first-time assessors to spin up in much less time and work with far greater accuracy, and enables experienced assessors to increase the depth of their knowledge; and

  3. Document Management System: Assessing and demonstrating compliance requires a great deal of record keeping from policies and procedures to screen shots of settings, scans, logs, and other sources of information that demonstrate compliance.  All such documents are contained permanently in the database in a logical easily access file system for auditor, future assessments and training.

 

i2ACT Products and Templates

The i2ACT-800s product provides tools to assist in assessing compliance with the NIST 800-171r1 requirements as specified in the DFARS Subparts 204.73 and 239.76 and contains all 110 requirements and the 125 referenced controls from NIST 800-53r4. 

i2ACT-800s

Our Incident Response Plan (IRP) Template is designed to serve as a template for developing an IRP suitable for your organization and IT network. An IRP provides guidance to organizational personnel on how to respond to various types of cybersecurity incidents and greatly improves the likelihood of consistent, productive, and timely response.

DIY Incident Response Plan Template

The i2ACT-800 PRO product includes all the tools and features from the i2ACT-800s for NIST 800-171r1 for DFARS Subparts 204.73 and 239.76.  It additionally provides support for all NIST 800-53r4 controls and standards based on NIST 800-53r4, DSS AAPM, FIPS, ICS, and ICNSS 1253.

i2ACT-800 PRO

The System Security Plan (SSP) template is designed to allow companies to efficiently develop one or more SSP(s) by:

  • Describing and characterizing their network architecture

  • Identifying governance

  • Establishing system categorization and risk assessments, to include identification of relevant security baselines, controls and overlays

DIY System Security Plan Template

The Policy and Procedures (P&P) template is designed to serve as a template for developing Policies and Procedures (P&P) suitable for your organization and IT network.

DIY Policy & Procedures Template

The i2ACT Rollup Tool enables organizations to take extracts of i2ACT-800 assessments from multiple associated organizations, subcontractors and suppliers and aggregate (or “roll up”) their collective data into one whole for cybersecurity compliance verification, broad evaluation, analysis and collective reporting.

i2ACT Rollup Toll