Information Assurance Oversight

Protecting data is no longer an option. DoD regulations require all branches of the military to develop, test, and monitor internal controls to protect their data and ensure its confidentiality, availability, and integrity.

As part of its Information Assurance Oversight Program, C5i has developed a detailed methodology based on DoD, NIST, FIPS, OMB, HSPD, H.R. Acts, and Executive Orders that can help our military clients comply with the myriad of federal computer security regulations. This methodology provides a logical, comprehensive approach for ensuring that organizations comply with all applicable laws and guidelines and maintain adequate protection of their electronic data.

 Examples of C5i's Regulatory Assessment Program evaluations that apply to government agencies and organizations include:

Security Program Management Support

• Develop & Maintain Security Oversight Programs
• Security Budget & Staffing Management
• Security Remediation Management (POA&MS)
• Privacy Program Management
• Training & Awareness Management


Security Documentation Compliance Assessment
Evaluate Security Documents & Policies (SSP, COOP, Contingency Plans, Disaster Recover Plans, etc.) based on DoD, NIST, FIPS, OMB, HSPD, H.R. Acts, and Executive

Perform Security Assessments

• FISMA Self-Assessment and Reporting
• DIACAP (C&A) based on DoD 8510.01, RMF
• Security Test & Evaluation (ST&E)
• Risk Assessment
• Privacy Impact Assessment (PIA)
• Network Security Assessment (Pen Test)
• Application Security Assessment (Pen Test)
• Baseline Vulnerability Assessment
• Security Architecture Evaluation
• Enterprise Architecture Evaluation
• Physical & Environmental Assessments
• Code Review