Cybersecurity and Information Assurance

Category Archives: Cybersecurity and Information Assurance

Implementation of Occupational Safety and Health Information System

September 2018: The US Department of Homeland Security (DHS) awarded a 5-year contract to SD Solutions, LLC to implement an Occupational Safety and Health Information System (OSHIS) to be used at hundreds of airports worldwide.

DHS requires a COTS OSHIS, customized to meet DHS’s specific requirements, to serve as the centralized repository for all safety, health, and workers’ compensation information. This will allow DHS to comply with laws, regulations, policies, and procedures governing Federal OSH and Federal workers’ compensation programs.

The overall scope of the contract includes:

  • Project Management
  • Infrastructure Design, Procurement, Installation, and Hosting
  • Commercial Off-The-Shelf (COTS) Deployment
  • Personal ID Verification (PIV) Integration
  • Software Development and Enhancements
  • Integration with Other TSA and DOL Systems
  • Cybersecurity, Information Assurance, and Authority To Operate (ATO)
  • Training
  • Help Desk
  • Operations and Maintenance
  • Database Backup and Recovery
  • Disaster Recovery

A US Federal Agency Awards Competitive Prime Contract to Provide Cybersecurity Advisory and FISMA Remediation Services

April 2016: SD Solutions, LLC received a “best value” competitive prime contract award from a Small Federal Agency to provide FISMA Remediation and Cybersecurity Advisory Services.

Under this contract, SD Solutions, LLC will work with the CIO and CISO of the agency to provide the following services:

  • Help the agency comply with FY16 FISMA requirements
  • Implement an automated capability to scan and report on hardware and software assets
  • Perform vulnerability scans periodically at the frequency defined in organizational policy and based on management’s assessment of risk
  • Implement recommendations as documented within the Vulnerability Scan Assessment Report and enhance current vulnerability management processes to ensure that cybersecurity weaknesses are identified and remediated in a timely manner
  • Develop policy and process requiring documented reviews of relevant Statements on Standards for Attestation Engagements (SSAE16) reports for service providers, and guidance on how the reports should be reviewed, including evaluation of reportable conditions and user control considerations (UCCs)
  • Complete the Evaluation of the Fiscal Year 2016 Chief Information Officer Annual Federal Information Security
  • Participate in CyberStat accountability sessions and face-to-face agency interviews with NSC and DHS, and coordinate with the CIO/CISO to discuss the security posture with DHS
  • Complete and maintain the Plan of Action for improving specific cybersecurity capabilities, and provide FY targets and demonstrate progress toward those targets
  • Provide DHS information for Proactive Scans of Public Facing Agency Networks per OMB Memo M-10-28
  • Represent the agency in performing all FISMA reporting, including quarterly reports to CyberScope and annual reporting
  • Work with agency officials, in accordance with Section 301 § 3544 of FISMA, to submit an annual report to OMB, the Committees on Oversight and Government Reform and Science, Space, and Technology of the House of Representatives, the Committees on Homeland Security and Government Affairs and Commerce, Science, and Transportation of the Senate, the appropriate authorization and appropriations committees of Congress, and the Comptroller General, by the due date established by OMB and DHS
  • Represent the agency to answer questions on the FISCAM evaluation as well as complete the written report to be entered into CyberScope