Security Control Assessment
We test and/or evaluate management, operational, and technical security controls in information systems to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.
We help determine the differences between the current and ideal state of information security within your organization. To do this, we conduct a workshop within your organization that covers a wide variety of cyber security-related components, controls, and procedures.
Third Party Assessment
As third-party assessors, the assessments we perform are typically risk-based or compliance-based but could be related to data as well. The assessments are not designed to embarrass people or to point fingers, but to help companies make informed decisions.
Plan of Action & Milestone Management (POA&M)
The management of Plans of Action and Milestones (POA&Ms) is mandated by the Federal Information Systems Management Act of 2002 (FISMA) as a corrective action plan for tracking and planning the resolution of information security weaknesses. LeverageMinds helps organizations create and manage POA&Ms to remediate information security weaknesses in their information systems.
System Security Documentation Development & Review
We provide security documentation development and/or review for organizations. We perform these to determine whether the technical aspects of policies and procedures are current and comprehensive. These documents provide the foundation for an organization's security posture, which is why we develop and/or review them for technical accuracy and completeness.
CMMC & CUI Certification
The Cybersecurity Maturity Model Certification (CMMC) is the Department of Defense’s (DoD) newest verification system designed to ensure the protection of Controlled Unclassified Information (CUI) that resides on the Defense Industrial Base (DIBNet) systems and networks. LeverageMinds is working to be ready to meet CMMC requirements by 2021.
FISMA/Risk Management Framework Training
The purpose of this training is to provide cybersecurity professionals new to risk management with an overview of a methodology for managing organizational risk in accordance with NIST Special Publication (SP) 800-37, Revision 2. For individuals with experience with NIST SP 800-37, Revision 1, this course will explain updates to the RMF in Revision 2, including the integration of privacy and supply chain risk management into this holistic process.
FedRAMP Cloud-Based Assessment
For these assignments we include the following:
♦ Manual security controls assessment against NIST SP 800-53 Revision 4 (scope dependent on system impact level and control inheritance)
♦ Vulnerability scanning (of all operating systems, network devices, databases and web applications), penetration testing, and more.
17025 IsIip Loop,
Dumfries, VA 22026
February 10, 2021
Leveraging People, Process, and Technology to deliver substantial value to our clients. We focus on their key security elements and business needs.