US federal government agencies require strict security governance strategies to protect sensitive information and comply with various security controls. Recently a high profile US government agency sought Consult2Comply’s (now C2C SmartCompliance) assistance in developing mapping services for federal regulations to create a Security Governance Strategy.
How We Helped
Using a blend of our consulting expertise and our dynamic web-based mapping tool, Compliance Mapper, we created relevant policies with associated mappings (crosswalks) to the NIST 800-53 security controls catalog.
The successful Security Governance strategy was implemented together with active monitoring for a more powerful, accurate reading on any technical risks ensued by operations. The workflow, quick assessment capabilities and risk modeling are all contained in a single interface complete with corresponding evidence and documentation.
It is not unusual for complex and sensitive projects such as development of a Security Governance Strategy to take several years. Consult2Comply finished this project in a few months.
Why C2C SmartCompliance
“Our client now has a solid baseline through which projects will be planned to extend the compliance strategy across additional federal and commercial regulations, standards, and best practices,” said Steve Crutchley, Consult2Comply(now C2C SmartCompliance) President and CEO. “For example, we will next extend the strategy to FISCAM and OMB requirements to assure budgetary compliance.”