Cyber Security Assessment and Planning (C&A)

Secure IT - To Secure Customer Information and IT Infrastructure from Threats
Datawiz Capability Statement

In today’s connected world, fast and efficient access to critical information is a vital part of business operations. To IT administrators, the challenge is to secure this type of information with a minimum of disruption to the end user. Datawiz knows and meets those challenges every day.

We collectively bring a century of real-world experience to securing enterprises and their critical assets. Our Cyber Security Services offer solutions that address your unique need. Whether it is applying industry best practices or meeting regulatory requirements, Datawiz can help.

Datawiz analyzes network and system vulnerabilities and provides actionable steps for rectifying them. Our consultants also combine thorough interviews, advanced scanning technologies, and documentation review to identify and resolve areas of exposure within the IT environment. It is through our holistic approach to Cyber Security that our teams have been so successful in the Government and Private Sectors.

What Datawiz offers:

The following provides a high-level list of Cyber Security Services that Datawiz offers today.

  • Cyber Security & Privacy Assessment and Testing
  • Certification & Accreditation (C&A)/Risk Management Framework (RMF) (DIACAP and NIST)
  • Security Test & Evaluation (ST&E)/Security Control Asessment (SCA) – DoDI 8500.2 and NIST SP 800-53
  • Independent Verification & Validation (IV&V)
  • Vulnerability Assessments
  • Penetration Testing – External/Internal
  • Risk Assessment & Analysis
  • FISMA Tool Utilization (e.g., eMASS, CyberScope, CSAM, etc.)
  • Privacy Threshold Analysis (PTA)/Privacy Impact Assessment (PIA)
  • Continuous Monitoring (NIST SP 800-37)
  • Application Code Review

Certification and Accreditation (C&A) Methodology:

The Datawiz Corporation C&A methodology is based on National Institute of Standards and Technology (NIST) Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, and is easily adapted to meet agencies’ own internal C&A process.

The Datawiz Corporation methodology incorporates activities, general tasks, and a defined management structure to help agencies obtain and maintain enterprise-based C&A for their information system infrastructure and applications. The methodology is sufficiently flexible to evaluate systems in various lifecycle stages, systems under evolutionary development, and single-purpose or legacy systems, for as long as they exist. Standardized assessment methods and procedures promote more consistent, comparable, and repeatable security assessments of federal information systems.