Think Tank works with agency IT Security Officers (ITSO) to provide IT security policy development and management services.

We assist the ITSO in the development, management and execution of C&A plans and policies.  We leverage our extensive experience implementing IT security processes to ensure a low risk approach that ensures the management, operational, and technical activities are integrated into coherent processes with repeatable high quality and cost effective outcomes. Our experience spans all four phases of the entire Security Development Life Cycle:

  • Initiation – Think Tank CISSP Information Assurance Specialists prepare security plans and operational procedures, implement the security process and facilitate system security plan analysis, update, and acceptance, ensuring that the authorizing official and responsible security officer are in agreement with the security plan.
  • Security Certification – Think Tank conducts assessments of required security controls, collects the required security data, and develops documentation for certification. In this phase we provide all the information required to correct deficiencies in the security controls and eliminate known vulnerabilities producing the desired outcome to meet the security requirements.
  • Security Accreditation – Think Tank assists with Security Accreditation decision and development of accreditation documentation, leading to authorization to operate (ATO).
  • Continuous Monitoring – Think Tank collaboratively tailors and implements configuration management and control processes, security control monitoring, and status reporting with supporting documentation.