Sep
08

DFARS NIST 800-171 Compliance Services for Colorado Businesses

Federal contractors in Colorado holding Controlled Unclassified Information (CUI) must become compliant with DFARS NIST 800-171 as mandated by the Department of Defense (DoD). Growing cybersecurity threats are creating huge challenges for federal agencies – particularly the DoD – which rely on thousands of contractors for essential services.

While the vast majority of DoD contractors are luckily spared from various federal compliance rulings due to the fact they do not maintain a “federal information system”, they nonetheless provide critical services that could impact such systems. Because of this, DFARS NIST 800-171 compliance is required, and FLANK can assist. We’re one of Colorado’s leading providers of federal and industry-specific compliance services and solutions, from FISMA to DFARS, and much more. Visit flank.org to learn more, or email us today.

Colorado’s DFARS NIST 800-171 Experts

As for our DFARS NIST 800-171 solutions for federal contractors in Colorado, we offer a full lifecycle of services and solutions, those essential for meeting compliance on time and within budget. While a December 31, 2017 deadline was imposed for DFARS compliance, continuous monitoring initiatives must be put in place, which means annual compliance is the new “norm” for DoD contractors.

  • Are you a federal contractor in Colorado and have questions regarding DFARS NIST 800-171 compliance?

  • Not sure where to start or you’ve already conducted an initial assessment and need help with documentation gaps and technical/security control deficiencies?

  • Looking for expert guidance on authoring your DFARS NIST 800-171 System Security Plan (SSP)?

Whatever services you need for DFARS, we can assist, offering well-versed and knowledgeable consultants with years of federal compliance expertise – all at fixed-fees.

DFARS NIST 800-171 Policy Toolkits for Colorado Businesses

Nobody likes spending dozens of hours or thousands of dollars on consultants when it comes to authoring information security policies and procedures. And with DFARS NIST 800-171, documentation is critical for meeting compliance, and it’s why we’ve developed comprehensive toolkits and solutions for rapid DFARS compliance for federal contractors in Colorado. Available for instant download, the documentation is mapped directly to the NIST SP 800-53 and NIST SP 800-171 standards, giving you prescriptive materials that are exceptionally well-written and easy-to-use. Federal regulatory compliance with DFARS is challenging enough without having to comply with the massive documentation requirements, so save yourself time and money by downloading the DFARS NIST 800-171 compliance toolkits and solutions today.

Aug
29

FISMA Consultant & Compliance Services for Colorado Businesses

Federal contractors in Colorado seeking professional FISMA consultant and compliance services and solutions can turn to the regulatory compliance experts today at FLANK.

While FISMA was enacted into law in 2002 – and subsequently revised yet again in 2014 – many federal agencies have lacked the necessary manpower and logistics for enforcing compliance on contractors. That’s all changed in today’s growing world of cybersecurity threats that are placing extreme challenges on federal agencies.

With literally thousands of businesses throughout North America providing critical support services to federal agencies, FISMA compliance is now front and center for hundreds of businesses throughout Colorado. Need assistance with FISMA compliance, but not sure where to start? Looking for industry leading FISMA information security policies and procedures, and other supporting documentation? Then turn to the federal compliance experts at FLANK, Colorado’s leading provider of FISMA services and solutions.

FISMA Compliance Toolkits for Colorado Businesses

If you’ve delved into the specifics of becoming FISMA compliant, then you’re well aware of literally dozens of different information security policies and procedures that need to be in place. Compliance with FISMA ultimately means compliance with NIST SP 800-53, which in turn requires an extensive list of InfoSec policies to be in place. From Access Control to Program Management – two of the numerous security controls within NIST SP 800-53 – documented policies and procedures are a must for these two respective controls, and the remaining others. Our FISMA NIST 800-53 compliance toolkits and policy templates help Colorado businesses achieve rapid compliance with FISMA, ultimately saving organizations hundreds of operational man-hours and thousands of dollars. To learn more about our compliance services, visit flank.org today, or email us.

Comprehensive FISMA Solutions for Colorado Businesses

FLANK offers the following full lifecycle of FISMA compliance services and solutions for federal contractors in Colorado:

Aug
19

Q&A from FLANK: What is NIST 800-53?

What is NIST 800-53?

A: Simply stated, NIST 800-53 is a publication put forth by the National Institute of Standards and Technology (NIST) which advises the proper security controls for federal information organizations and systems. NIST 800-53 also documents security controls for all United States federal information systems, the only exception being those designed for national security.

As of 2018, the most current version of NIST SP 800-53 is Revision 5, titled “Security and Privacy Controls for Information Systems and Organizations.” NIST SP 800-53 is one of the world’s leading publications designed for such needs, and it’s gaining widespread acceptance throughout all of North America, and the world.

Many of today’s federal regulatory compliance requirements – DFARS, FISMA, and FedRAMP – have all adopted core elements of NIST SP 800-53 into their reporting mandates for regulatory compliance. Since its first publication in 2006, up until the current release, NIST 800-53 has consistently advocated the need for federal agencies – and contractors – to implement comprehensive, well-documented, and formalized information security policies, procedures, and processes that help ensure the safety and security of information, systems, organizations, individuals, and more.

When is NIST SP 800-53 Compliance Coming?

The adoption of 800-53 is spreading rapidly. The control families found within NIST SP 800-53 consist of core security and privacy best practices that are currently adopted by federal agencies and contractors regarding information security.

With increased cybersecurity threats creating immense challenges for federal agencies in terms of the confidentiality, integrity, and availability (CIA) of information, implementation of the 800-53 control families has become critical. These initiatives are also being aggressively pushed down to contractors providing essential services to federal agencies.

Jul
09

Houston, TX Cybersecurity, Information Security Consultant & Compliance Services

FLANK is Houston’s leading provider of cybersecurity, information security, and regulatory compliance services. We offer a wide range of consulting services for helping Houston businesses meet today’s demanding and complex security, governance, and compliance issues.

Today’s information security world we all live in has brought about an incredible number of modern-day efficiencies and amenities to all of us, yet also massive InfoSec security risks. Turn to FLANK, Houston’s leading provider of security, governance, and compliance services and solutions.

FLANK offers the following services to businesses all throughout the greater Houston area:

  • Scoping & Readiness Assessments for Today’s Major Compliance Regulations

  • Policy and Procedures Writing Services

  • Technical and Security Remediation of Internal Controls

  • Risk Assessment Programs for Compliance

  • Security Awareness Training Programs

  • Incident Response Programs

  • Vendor Sourcing for Critical Security Tools and Solutions

  • Virtual/Outsourced Compliance Officer

Scoping & Readiness Assessments for Today’s Major Compliance Regulations

Pick any of today’s growing list of regulatory compliance mandates & regulations – PCI DSS, SOC 1/SOC 2/SOC 3 audits, FISMA, GLBA, GDPR compliance, and more – and they no doubt can be incredibly challenging and complex. What’s worse, jumping right in and trying to force compliance without performing any type of meaningful pre-audit review spells big trouble.

FLANK is one of Houston’s leading providers of scoping & readiness assessments for many of today’s complex and challenging compliance mandates. With years of experience, we can help your company get up to speed and compliant in a quick and cost-effective manner. Why a scoping & readiness assessment? That’s an easy answer when you consider the following benefits:

Determine, assess, and validate Audit Scope: What business processes are involved for the specific compliance mandate in question? What personnel are going to participate in all aspects of the audit? What relevant third-party providers are deemed in-scope and why? These are just a few of the dozens of questions businesses have when they begin to walk down the path of regulatory compliance. FLANK has the answers, and it’s why a readiness assessment is so critical.

Jun
24

FISMA Compliance for Federal Contractors – Overview and Checklist

FLANK provides comprehensive FISMA compliance services for federal contractors, including reporting, certification and accreditation services for contractors and other entities throughout North America, and abroad.

With years of real-world experience in helping businesses comply with many of today’s demanding federal and industry specific compliance mandates, we’ve built a successful track record throughout the globe that speaks for itself.  With FISMA being one of the largest – and often most complex – federal mandates to implement for businesses, our expertise and knowledge of the Federal Information Security Modernization Act is vast and deep, offering professional guidance, support, and recommendations that are truly second-to-none. In short, if it’s about FISMA, it’s time to talk to the experts at FLANK.

FISMA Compliance & Certification Essentials

Compliance with the Federal Information Security Management Act (FISMA) – signed into law by President George W. Bush in 2002, then amended in 2014 and now known as the Federal Information Security Modernization Act – is not an overnight process. It can take a tremendous amount of time if not properly planned out. It’s why businesses all throughout North America turn to us for expert guidance and assistance, so take note of the following best practices and other essential subject matter you need to know about for conquering FISMA, courtesy of FLANK:

Understand What FISMA is

Knowing what you’re getting into in life goes a long way in understanding what’s expected of you, along with tempering expectations of what the overall process will be. Same can be said for FISMA, for which many businesses fail to truly understand the mandates of the Federal Information Security Modernization Act. We often field phone calls from prospective clients asking for a “certificate” or a quick review of their environment for FISMA. Unfortunately, as one of the largest and most demanding compliance mandates ever put forth, FISMA requires a long term, dedicated, and diligent effort for becoming – and staying – compliant.

Want to truly understand FISMA? Then download a copy of NIST SP 800-53, the defining publication used for performing FISMA assessments for federal contractors. NIST SP 800-53 is an incredibly large and complex document, so pull up a chair and expect to spend a number of hours reading through it.

Jun
02

Bank of America Global Information Security (GIS) Onsite Assessment Audit Consultant & Consulting Services

Bank of America Global Information Security (GIS) Onsite Assessment Audit Services

Apr
29

Bank of America Global Information Security (GIS) Onsite Assessment Audit Consultant & Consulting Services

Are you one of the thousands of third-party providers in North America offering services to Bank of America? If so, it’s only a matter of time before your organization will have to undergo the Bank of America Global Information Security (GIS) Onsite Assessment Questionnaire audit process.

FLANK can help. We have in-depth knowledge and expertise with Bank of America’s GIS assessments, having assisted businesses all throughout North America in becoming – and staying – compliant.

Bank of America has taken giant steps in recent years when it comes to their due-diligence activities for service providers, so if you’re offering products, services and solutions to B of A, get prepared for their Global Information Security (GIS) Onsite Assessment Questionnaire audit process. Here are 5 things you need to know about the Global Information Security (GIS) Onsite Assessment Questionnaire audit process, courtesy of FLANK, one of North America’s leading providers of security, governance, and compliance services.

5 Things to Know about Bank of America’s Global Information Security (GIS) Process

1. The GIS is Broad and Expansive. When it comes to being vetted, Bank of America’s Global Information Security (GIS) Onsite Assessment is about as exhaustive an audit process as anything currently seen in the marketplace. Bank of America takes security seriously – very seriously – and it shows with their program.

Apr
10

FISMA Compliance, Certification & Accreditation for Georgia Businesses

Federal contractors in Georgia providing services to various governmental agencies will ultimately need to begin the process of FISMA compliance, certification & accreditation.

While FISMA was signed into law in 2002 (and then amended in 2014), there seemed to be a general weakness regarding enforcement on federal contractors, but that’s all changed. Increased calls from federal agencies for strengthening cybersecurity controls have essentially brought thousands of businesses throughout North America into scope for FISMA compliance.

The tone in Washington, D.C. has forever changed regarding information security and cybersecurity awareness. Say goodbye and goodnight to soft enforcement by federal agencies and hello to the new world of compliance. What does this mean for the large number of businesses in Georgia offering services to federal agencies? It’s a wake-up call that effectively places huge compliance challenges on hundreds of organizations in Georgia offering services to the likes of DoD, HHS, IRS, and other agencies. If FISMA compliance, certification & accreditation mandates have not come knocking on your door, it’s probably just a matter of time.

FLANK is Georgia’s leading provider of federal regulatory compliance services and solutions, offering high-quality, fixed-fee pricing for businesses throughout the Peach State. Learn more about FISMA compliance, certification & accreditation today from the federal compliance leaders for Georgia businesses.

7 Essential FISMA Compliance Initiatives for Georgia Businesses

1. Get to Know NIST SP 800-53: One of the world’s most recognized and well-respected information security publications is none other than NIST 800-53. For years, federal agencies have been aligning their security controls against the prescribed mandates, and now, federal contractors are next in line for compliance. Like many of today’s leading InfoSec frameworks, NIST 800-53 has evolved over time, maturing itself along the way into becoming an incredibly in-depth publication. To obtain a copy of the most recent NIST 800-53 publication, please visit http://csrc.nist.gov/publications/PubsSPs.html

Mar
28

FISMA Compliance & Certification and DFARS 800-171 Services for Texas Businesses

FLANK provides comprehensive FISMA compliance & certification and DFARS 800-171 services for Texas businesses providing essential services to federal agencies. From the Department of Health and Human Services (HHS) to the Department of Defense (DoD), and scores of other agencies, the federal government has implemented aggressive initiatives regarding cybersecurity compliance for thousands of contractors. The Lone Star State swings a big stick in terms of the number of federal contractors in the state, particularly defense contractors.

It means big compliance mandates have come calling to Texas businesses, and FLANK is ready to assist. We specialize in providing comprehensive federal regulatory compliance services and solutions to businesses all throughout the nation, particularly in Texas, where our firm has deep roots. From FISMA to DFARS 800-171, even assistance with FedRAMP, we offer high-quality, fixed-fee compliance services for Texas businesses, so contact us today.

World-Class FISMA and DFARS 800-171 Policy Toolkits and Templates

In need of comprehensive, well-written information security policies and procedures for FISMA, FedRAMP, and DFARS 800-171 compliance? We have them, and they’re available for instant download today at flank.org. Developing policies and procedures is one of the most demanding and time-consuming aspects of today’s federal compliance mandates, but it’s got to be done, so saving hundreds of hours begins by using our comprehensive and easy-to-use and implement policies, procedures, forms, checklists, and more.

Specifically, we offer policy toolkits and templates specific to FISMA, FedRAMP, DFARS 800-171, HIPAA, GLBA, SEC Cybersecurity, and more. These aren’t general policy templates and forms, rather, heavily researched and extremely well-written material that maps directly to each of the security control requirements found within NIST 800-53 and NIST 800-171. Along with policy templates, you’ll also receive risk assessment documentation, security awareness training materials, third-party monitoring forms, and much more. Don’t waste your time authoring InfoSec policies from scratch, and don’t try and update your existing policies – that can take even more time – simply download your very own policy toolkit today at flank.org

Mar
12

What is NIST 800-171 and How Do I Become Compliant?

Q: What is NIST 800-171?

Answer: NIST 800-171 is a publication titled, “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”, which is put forth by the National Institute of Standards and Technology (NIST). NIST 800-171 is encompassed into DFARS, ultimately requiring DoD contractors to adhere to the actual NIST 800-171 framework.

DFARS stands for the Defense Federal Acquisition Regulation Supplement, which is essentially an agency supplement to the Federal Acquisition Regulation (FAR) that is administered by the Department of Defense (DoD). Thus, the DFARS contains requirements of law, DoD directives, delegations of FAR authorities, and other essential policies and procedures that have a significant effect on the public.

While you might be asking yourself, what is NIST 800-171, you can clearly see that this publication is far-reaching and includes strict provisions for the literally thousands of contractors providing material services and solutions to the DoD – and to other federal agencies.  As for NIST 800-171, there’s much to know, so here’s what’s important in terms of regulatory compliance for DoD contractors seeking to comply with this specific publication.

Mar
04

FISMA Scoping & Readiness Assessments – Fixed-Fees for Federal Contractors

FLANK offers comprehensive FISMA scoping & readiness assessments and annual FISMA assessments for federal contractors throughout North America.

With growing compliance mandates being placed on subs and primes from various federal agencies, becoming compliant with the Federal Information Security Modernization Act (FISMA) is now a mandate, so begin the process with FLANK’s proven and efficient scoping & readiness assessment today.

It’s important to understand that becoming compliant with FISMA is by no means an overnight process – it can take quite a bit of time, much more if not properly planned from the beginning, and it’s why a scoping & readiness assessment is essential. Want to save time, money, and operational headaches when it comes to FISMA, then here’s what we offer for helping you do just that.

Why a FISMA Scoping & Readiness Assessment is Essential

Assessing Scope: First and foremost, it’s important because you need to understand audit scope – specifically, what are the actual boundaries for a FISMA assessment? Do you know what business processes are to be included, what physical locations are under scope, the personnel to be involved? These are important questions that need answers, and our FISMA scoping & readiness assessment fully answers them. Imagine not having clear answers to such questions – your FISMA audit would turn into a real challenge – trust us on this.

Feb
25

DFARS NIST 800-171 Compliance Overview for DoD Contractors

DFARS NIST 800-171 compliance is now a strict mandate and fully enforceable for all Department of Defense (DoD) contractors as of December 31, 2017.

If you met the DFARS 800-171 deadline, then congratulations, but also know that annual compliance is essential for ensuring your policies, procedures, and processes are functioning as required by the actual NIST 800-171 publication guideline.

DFARS NIST 800-171 Compliance is Mandatory – Here’s What You Need to Know

If you haven’t become DFARS NIST 800-171 compliant, the clock is ticking and any number of challenges could be looming, such as the inability to obtain additional contract work from the DoD, failure to obtain work with existing upstream primes, and more. The new regulatory compliance wave is hitting federal contractors quite hard – especially DoD contractors – so getting compliant, and staying compliant, is now more important than ever. FLANK offers a great introduction to the world of DFARS NIST 800-171 compliance, so spend some time learning essential best practices from the federal compliance experts.

Feb
19

FISMA Compliance & Certification and DFARS 800-171 Services for New Hampshire Businesses

FLANK provides comprehensive FISMA compliance & certification and DFARS 800-171 services for New Hampshire businesses providing essential services to federal agencies.

From the Department of Health and Human Services (HHS) to the Department of Defense (DoD), and scores of other agencies, the federal government has implemented aggressive initiatives regarding cybersecurity compliance for thousands of contractors. The Granite State, while small in size, swings a big stick in terms of the number of federal contractors in the state, particularly defense contractors.

It means big compliance mandates have come calling to New Hampshire businesses, and FLANK is ready to assist. We specialize in providing comprehensive federal regulatory compliance services and solutions to businesses all throughout the nation, particularly in New Hampshire, where our firm has deep roots. From FISMA to DFARS 800-171, even assistance with FedRAMP, we offer high-quality, fixed-fee compliance services to New Hampshire businesses, so contact us today.

World-Class FISMA and DFARS 800-171 Policy Toolkits and Templates

In need of comprehensive, well-written information security policies and procedures for FISMA, FedRAMP, and DFARS 800-171 compliance? We have them, and they’re available for instant download today at flank.org. Developing policies and procedures is one of the most demanding and time-consuming aspects of today’s federal compliance mandates, but it’s got to be done, so saving hundreds of hours begins by using our comprehensive and easy-to-use and implement policies, procedures, forms, checklists, and more.

Feb
08

FISMA NIST 800-53 & DFARS NIST 800-171 Consultants for Houston, Texas Businesses

FLANK, one of North America’s leading providers of federal compliance solutions – and with offices throughout Texas, including Houston – provides comprehensive FISMA NIST 800-53 and DFARS NIST 800-171 compliance, consulting, and certification services.

Houston is one of the most dynamic cities in the nation. Rapid growth and a booming economy have forced huge regulatory compliance requirements onto Houston businesses – especially with the federal government – but FLANK can help. How?

FLANK Offers the Following Services and Solutions for Federal Contractors in Houston, Texas.

FISMA & DFARS NIST 800-171 Readiness & Gap Assessments: Becoming FISMA compliant and DFARS NIST 800-171 compliant can be a tall order for federal contractors in Houston, TX that are new to compliance. Both of these reporting mandates can take quite some time to successfully implement and report on, all the more reason for performing a much-needed readiness & gap assessment.
Notable benefits of FLANK’s FISMA NIST 800-53 & DFARS NIST 800-171 readiness & gap assessments include the following:

Jan
30

FISMA Policies and Procedures & Writing Services – Fixed-Fees for Federal Contractors

FLANK, North America’s leading provider of FISMA compliance & certification services and FISMA Toolkits & Templates, also offers comprehensive FISMA policies and procedures & writing services and solutions for helping federal contractors comply with the Federal Information Security Modernization Act (FISMA) of 2014.

Becoming FISMA compliant can be an incredibly daunting and challenging task, something that’s made even more arduous when one assesses the documentation requirements landscape for FISMA. Policies and procedures are a big part of today’s compliance mandates – and only getting bigger – so now’s the time to turn to the trusted experts at FLANK for much-needed assistance.

Get to Know NIST SP 800-53 for FISMA Policies and Procedures

Authoring FISMA policies and procedures can be one of the most demanding and exhausting aspects when it comes to compliance with the Federal Information Security Modernization Act of 2014. Why? Because FISMA compliance ultimately means adhering to the in-depth control requirements found within NIST SP 800-53.

Jan
24

FISMA NIST 800-53 & DFARS NIST 800-171 Consultants for Houston, Texas Businesses

FLANK, one of North America’s leading providers of federal compliance solutions – and with offices throughout Texas, including Houston – provides comprehensive FISMA NIST 800-53 and DFARS NIST 800-171 compliance, consulting, and certification services.

Houston is one of the most dynamic cities in the nation. Rapid growth and a booming economy have forced huge regulatory compliance requirements onto Houston businesses – especially with the federal government – but FLANK can help. How?

FLANK Offers the Following Services and Solutions for Federal Contractors in Houston, Texas.

  • FISMA & DFARS NIST 800-171 Readiness & Gap Assessments
  • FISMA & DFARS NIST 800-171 Documentation Remediation for Policies and Procedures
  • FISMA & DFARS NIST 800-171 Technical Remediation
  • Development of SAR, SSP, POAM
  • FISMA & DFARS NIST 800-171 Continuous Monitoring
  • Virtual & Outsourced CIO/CTO/Compliance Officers

FISMA & DFARS NIST 800-171 Readiness & Gap Assessments: Becoming FISMA compliant and DFARS NIST 800-171 compliant can be a tall order for federal contractors in Houston, TX that are new to compliance. Both of these reporting mandates can take quite some time to successfully implement and report on, all the more reason for performing a much-needed readiness & gap assessment.

Notable benefits of FLANK’s FISMA NIST 800-53 & DFARS NIST 800-171 readiness & gap assessments include the following:

Jan
16

FISMA Compliance & Certification Services for Federal Contractors in California

FLANK offers in-depth, high-quality, fixed-fee FISMA compliance & certification services for federal contractors all throughout California. With hundreds of federal contractors located in Los Angeles, Orange County, San Diego, and San Francisco, becoming fully compliant with the Federal Information Security Modernization Act (FISMA) of 2014 is a strict mandate for such businesses. As for FISMA, it’s without question an incredibly time-consuming and arduous compliance framework to implement, and that’s because becoming compliant means adherence to the controls put forth in NIST SP 800-53.

As a federal contractor located in California, are you being required to become FISMA compliant? Do you have all necessary documentation in place, such as policies and procedures? Do you need assistance with implementation of various I.T. and operational controls? If you answered yes, then it’s time to speak to the California federal compliance experts at FLANK today.

Proven FISMA Service and Solutions for California Businesses

We offer a variety of services and solutions for helping California businesses become FISMA compliant, such as the following:

FISMA Readiness & Gap Assessments: Want to become FISMA compliant in an efficient and cost-effective manner? Then performing a much-needed readiness & gap assessment is your first step in the right direction. Businesses that fail to perform any meaningful pre-assessment work find their FISMA compliance initiatives to be challenging – and that’s putting it lightly.

You’ll need to understand assessment boundaries, what business processes are to be included in the FISMA audit, identifying internal control deficiencies, third-party scoping considerations, and so much more. Such initiatives are covered with a properly performed FISMA readiness & gap assessment, which is exactly what FLANK offers for fixed-fees to federal contractors throughout California.

Jan
03

What is FISMA Reporting? Introduction and Overview

Q: What is FISMA reporting?

A: FISMA reporting is a process where federal contractors (i.e., businesses providing essential services and solutions to federal agencies) undertake a comprehensive process of adhering to the NIST SP 800-53 control families, and other supporting SP documents. Additionally, FISMA reporting requires development of the following three (3) core documents: (1) System Security Plan (SSP); (2) Security Assessment Report (SAR); and (3) if applicable, the Plan-of-Action and Milestones (POAM).

Introduction to NIST SP 800-53

But before you even begin to think about FISMA reporting, you’ll need to get to know NIST SP 800-53. NIST SP 800-53, titled, “Security and Privacy Controls for Information Systems and Organizations”, is an in-depth information security framework developed and published by the National Institute of Standards and Technology (NIST). It’s one of the most well-known and well-respected InfoSec frameworks in the entire world, and it’s also the core document utilized for FISMA reporting.

As such, NIST Special Publication 800-53 (Revision 5) is a comprehensive publication that seeks to develop and make available to a broad base of public and private sector organizations industry leading InfoSec and operational measures for all types of computing platforms. Such platforms generally consist of general purpose computing systems, cyber systems, cloud platforms (SaaS, IaaS and PaaS), mobile systems, industrial/process control systems (SCADA, the “GRID”), the Internet of Things (IoT) devices, and more.

The Widespread Acceptance for NIST SP 800-53

With technology now being pushed to the edge like never before, and growing cybersecurity threats creating immense challenges for organizations, a comprehensive security and privacy control framework is needed. That is why NIST SP 800-53 exists, and it is now seeing widespread adoption throughout North America, and even the world. It’s fair to say that NIST SP 800-53 and ISO 27001/27002 have now become two of the most dominant security publications/frameworks in practice. NIST is largely present in North America, while ISO 27001/27002 has a strong presence in the European Union.

Nov
16

San Antonio, TX Virtual & Outsourced, Contract Regulatory Compliance Officer & Services

FLANK offers comprehensive virtual, outsourced, and contracted regulatory compliance officer services and solutions for businesses in San Antonio and throughout the Texas Hill Country.

Organizations are being pushed more and more today when it comes to regulatory compliance, as witnessed by the surge of audit reports being requested. Familiar with SOC 1, SOC 2, PCI DSS, HIPAA, and more? Then get to know FLANK and learn more about our industry-leading regulatory compliance outsourcing services today. Download the Virtual & Outsourced Regulatory Compliance Services Menu today and start saving thousands of dollars.

Top 5 Reasons for a Virtual/Outsourced Compliance Officer

1. Immense Cost Savings. Why spend almost six figures (and many times, even more!) on a compliance officer salary for an employee? Do you really need such a person 50+ hours a week? Some companies do, but for those that don’t, the smart, cost-effective solution is to hire FLANK for regulatory compliance outsourcing.

2. Expertise ONLY When You Need it. If you don’t need a regulatory compliance officer full-time, then why pay for one full-time? It’s really that simple, isn’t it? We’ll work as little or as much as you need, and that’s called “expertise only when you need it”.

3. Look and Feel of a Full-Time Compliance Officer. All we need to get up and running as your compliance officer is a title, an e-mail, and we are good to go. Yes, it’s that easy, so forget about spending tens of thousands of dollars on head-hunting fees for finding a compliance officer – we’ve got you covered.

Nov
05

Austin, TX Cybersecurity, Information Security Consultant & Compliance Services

FLANK is Austin’s leading provider of comprehensive information security, cybersecurity, and regulatory compliance services and solutions. We’ve been working with Austin businesses for years, offering high-quality, fixed-fee services for many of today’s challenging and demanding information security, corporate governance, and regulatory compliance issues.

FLANK offers the following services for businesses in and around the greater Austin, TX metro area:

Information Security Services & Solutions

FLANK provides a wide range of information security/cybersecurity services and solutions to Austin businesses. With today’s demanding security, governance, and compliance initiatives costing businesses massive amounts of money and time, FLANK is ready to assist in all ways possible. We offer fixed-fee, high-quality services for the following compliance standards and frameworks:

  • FISMA/NIST SP 800
  • DFARS NIST 800-171
  • PCI DSS
  • HIPAA
  • GLBA
  • GDPR
  • FBI CJIS
  • CMS

Regulatory Compliance Readiness & Gap Assessments

Many of today’s regulatory compliance mandates – PCI DSS, SOC audits, GDPR, FISMA, and many more – require organizations to really dig deep and think about the following core issues: Where do we start in terms of such an audit? What’s the scope? Do we have gaps and deficiencies, and if so, how do we correct them? These are just a few of the dozens upon dozens of questions we get from Austin businesses.
