The implementation of information security
solutions in government agencies and many commercial businesses is
increasingly being held to comply with a specific information security baseline
imposed by legislation such as FISMA (Federal Information Security Management
Act), HIPAA (Health Insurance Portability and Accountability Act), GLBA
(Gramm-Leach-Bliley Act), SOX (Sarbanes-Oxley Act), and HITECH (Health
Information Technology for Economic and Clinical Health Act); or by industry
standards such as ISO 27001 (Specification for an Information Security
Management System), ISO 27002 (Code of Practice for Information Security
Management), NIST 800 Series Publications (Computer Security Policies,
Procedures and Guidelines), and PCI DSS (Payment Card Industry Data Security
Standard). Beyond these formal
baselines, many businesses have established their own information security
policies.

TechSolutions information security professionals can provide an
independent assessment of whether your organization is in compliance with your
applicable information security baseline and assist you in compiling supporting
documentation. Our experts can provide
assistance with formal Certification and Accreditation (C&A) processes such
as DIACAP (DoD Information Assurance Certification and Accreditation Process),
NIACAP (National Information Assurance Certification and Accreditation
Process), and the NIST C&A methodology, or produce other formal reports to
document compliance.