inner-banner

1234

careers

Our Products

Providing the right product for the right scale of job, on budget and on time while exceeding expectations for our customers.

 

careers

Tech Watch

See SMS’ CISO talk about the importance of continuous monitoring and cyber threats

 

Risk Management Framework, Assessment & Authorization

SMS not only understands the Risk Management Framework (RMF) but our CISO, Mr. Thomas Kupiec, helped NIST write the ICD 503 and 800-37 documents. SMS has extensive experience migrating systems from the old DIACAP Certification and Accreditation (C&A) Process to the new Assessment and Authorization (A&A) process. Currently we have transitioned over 4000 systems to the RMF framework, A&A process, and the Continuous Monitoring (CONMON) and Diagnostic process, and the Continuous Asset Evaluation Situational awareness and Risk Scoring (CAESARS) framework that provides real time system threat data via visual common operating pictures. 
 

SMS has identified different processes, procedures, and technologies that incorporate change management rather than signature based solutions to neutralize APT risks.  SMS’ proactive, real-time approach to managing risk provides cost effective results for risk management and compliance that exceeds even the strictest DHS, IC and DoD standards. SMS provides expertise in assessments and testing, penetration testing, Red/Blue Teams, scorecards, and trained SMEs on all DoD and IC approved platforms such as ACAS, NESSUS, Cyberscope, eMass, Xacta, Core Impact, MetaSploit, ArcSight, Splunk, and many others. 

 

back-to-top