The US Federal Election Commission (FEC) required the services of a cybersecurity contractor to run its Patch Management and Security Operations Center (SOC).
SD Solutions, LLC competitively won this contract and is providing the following services:
- Security impact analyses on proposed or actual changes to organizational information systems and environments of operation
- Assessment of selected security controls (including system-specific, hybrid, and common controls) based on the organization-defined continuous monitoring strategy; security status reporting to appropriate organizational officials
- Active involvement with authorizing officials in the ongoing management of information system-related security risks
- Assessment of security controls in compliance with FISMA SP800-53, department directives, and OMB Guidance
- Help the agency create near real-time risk management on ongoing information system authorization through the implementation of robust continuous monitoring processes
- Documentation of artifacts gathering in support of FISMA SP800-53 Controls Assessments
- Continuous monitoring and assessment of security controls in place, compliance with Rev IV of FISMA SP800-53 Controls
- Technical writing as may be required by the CIO and CISO. Products include draft security SOPs and procedures, security training manuals, position papers, and draft security slide presentations to be made to various employee levels, including FPI’s senior management
- Top-down, risk-based approach that considers materiality and significance in determining effective and efficient audit procedures and is tailored to achieve the audit objectives
- Evaluation of agency controls and their effect on audit risk
- Evaluation of general controls and their pervasive impact on business process application controls
- Evaluation of security management at all levels (agency-wide, system, and business process application levels)
- A control hierarchy (control categories, critical elements, and control activities) to assist in evaluating the significance of identified IS control weaknesses
- Grouping of controls categories consistent with the nature of the risk
- Assessment of Information System Controls significant to HR, OCFO, OGC, OCIO, etc.
- Security operations staff should be trained and prepared to address incidents as they occur.
- Discovered vulnerabilities should be addressed within procedures detailed in patch and configuration management plans
- Active security incidents should be addressed within procedures detailed in incident response plans
- Continuous monitoring metrics and reports should be generated and reviewed to evaluate the effectiveness of the solution
- Issue remediation activities should be documented in Plans of Actions and monitored for effectiveness