Dallas, TX Virtual & Outsourced, Contract Regulatory Compliance Officer & Services

FLANK provides industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Dallas, TX businesses. Want to save both time and money on annual compliance costs for PCI DSS, SOC audits (SOC 1 SSAE 18 and SOC 2), HIPAA, GDPR, and more? Then talk to the outsourcing compliance experts at FLANK today.

Top 5 Reasons for a Virtual/Outsourced Compliance Officer

1. Immense Cost Savings. W-2 salaries, health and wellness benefits, and more. Those are immense costs you’ll have to incur when hiring a full-time compliance officer. Is it really necessary? For some companies, yes, but for most companies, no! The solution is to hire FLANK and utilize our industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Dallas, TX businesses.

2. Let FLANK Handle Your Audits. One of the biggest reasons we’re brought on board is to assist with today’s growing regulatory compliance reporting mandates. From HIPAA to PCI DSS, SOC 1 SSAE 18, SOC 2, FISMA compliance, and more, FLANK has you covered. We can run your entire audit process from beginning to end, all at a fraction of the cost of a full-time compliance officer. From the initial audit kick-off meeting to remediation and testing of controls – and more – we can get the job done.

3. Expertise ONLY When You Need it. Need compliance help for 5 hours a week, all the way up to 50 hours, or more? We’ve got you covered with our flexible scheduling and bill rates that will fit your budget. Why spend tens of thousands of dollars on a compliance officer each year if they’re not needed?

4. Look and Feel of a Full-Time Compliance Officer. Simply give us an email address, assign us a formal title, and in literally minutes we’re up and running as your compliance officer. We’ll communicate with the auditors, inform management of current internal control policies and procedures, and so much more. There’s no long hiring process like a full-time compliance officer, just efficiency and scale when it comes to FLANK’s services.

Continue reading
  2 Hits
2 Hits

FISMA & NIST SP 800-53 and SP 800-171 Information Security Policies and Procedures

FLANK offers industry leading FISMA and NIST SP 800-53 and NIST SP 800-171 information security policies and procedures packets, along with custom writing services. In today’s growing world of national security and cybersecurity threats, the federal government has started to aggressively enforce the FISMA mandates signed into law in 2002 (then amended in 2014).

While federal agencies have been working hard on FISMA compliance since 2002, the private sector is now the focus, with contractors being required to adhere to the Federal Information Security Management Act of 2002 (FISMA) and the Federal Information Security Modernization Act of 2014 (FISMA). FISMA, like many of today’s security, governance, and compliance mandates, requires a vast amount of documentation to be in place – specifically – information security policies and procedures covering essential I.T. domains. From change management to incident response, data backup – and much more – the Federal Information Security Modernization Act of 2014 is all about documentation.

Offering FISMA | NIST SP 800-53 Policy Packets

Spending hundreds of internal hours – and ultimately, thousands of operational dollars – is not the preferred method for FISMA compliance. What you need are experts who can hit the ground running, developing all necessary documentation from easy-to-use and customize templates from FLANK. It’s important to note that the FISMA compliance framework is largely driven and established by the control criteria within (as of this writing in December, 2017), NIST SP 800-53, Revision 4, “Security and Privacy Controls for Federal Information Systems and Organizations”.

Not only does FLANK have the resources and manpower for helping businesses in North America become FISMA compliant, we also provide industry leading policies, procedures, forms, checklists – and more – that map directly to the current NIST SP 800-53 security control families and other relevant criteria. Spending tens of thousands of dollars on consulting services for policy writing doesn’t have to happen, thanks to the industry leading documents from FLANK.

The Department of Defense has also put forth numerous mandates for helping ensure the safety of Covered Defense Information (CDI), for which the NIST SP 800-171 framework applies.

Continue reading
  41 Hits
41 Hits

Houston, TX Virtual & Outsourced, Contract Regulatory Compliance Officer & Services

FLANK provides industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Houston, TX businesses. In today’s world of growing security and compliance reporting, you need a firm with experience, expertise and top-notch business credentials for getting the job done on time, and within budget.

When it comes to looking for a virtual, outsourced, and contracted regulatory compliance provider, then it’s time to get to know FLANK. Download the Virtual & Outsourced Regulatory Compliance Services Menu today and start saving thousands of dollars.

Top 5 Reasons for a Virtual/Outsourced Compliance Officer

(1). Immense Cost Savings. Do you really need to spend six-figures on a full-time regulatory compliance officer? Some companies actually do, but for those that don’t, FLANK’s virtual, outsourced, and contracted regulatory compliance service offerings are a perfect fit. We save you both time and money on compliance, and that’s a big win-win for your business.

(2). Expertise ONLY When You Need it. Don’t need a full-time compliance officer? Perhaps just a few hours a week, or more? It’s why businesses in Houston, TX are hiring FLANK for virtual, outsourced, and contracted regulatory compliance, and so should you. “Flexibility” is one of the biggest reasons to choose us!

(3). Look and Feel of a Full-Time Compliance Officer. It’s quick and easy to get our services up and running. All we need is an internal email, an official title, and we’re ready to help your business succeed in today’s growing regulatory compliance environment. Turn to the experts at FLANK for industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Houston, TX businesses.

Continue reading
  42 Hits
42 Hits

Austin, TX Virtual & Outsourced, Contract Regulatory Compliance Officer

FLANK provides industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Austin, TX businesses. Want to save tens of thousands of dollars each year on compliance salaries, then ditch the idea of a full-time, six-figured salary for a regulatory compliance officer, and use FLANK’s virtual, outsourced, and contracted regulatory compliance officer services instead.

We’re Texas’ leading provider of such services, helping you save both time and money on growing regulatory compliance costs. Security, governance, and compliance are important – no question about it – but it’s costing organizations so much money. There is a much more cost-effective and better solution, and it begins by talking to FLANK. Download the Virtual & Outsourced Regulatory Compliance Services Menu today.

Top 4 Reasons for a Virtual/Outsourced Compliance Officer

(1). Immense Cost Savings. The average salary of a compliance officer ranges from $75,000 to $145,000, or more. That’s a big payroll expense, especially if you’re not utilizing such services every day of the week. With FLANK’s virtual, outsourced, and contracted regulatory compliance officer services for Austin, TX businesses, you only use us when you need to!

(2). Expertise ONLY When You Need it. Do you really need a full-time regulatory compliance officer for 50 + hours a week, every week? Perhaps, but if not, FLANK offers the flexibility of working just a few hours a week to as many as 50 + plus hours a week. That’s right, we can work as little or as much as you want us to, that’s the difference – and the real value – when hiring FLANK for virtual, outsourced, and contracted regulatory compliance officer services and solutions for today’s growing businesses.

(3). Look and Feel of a Full-Time Compliance Officer. We can be up and running in literally minutes as your compliance officer. Just provide us an email address and other information, and you’ve now got the look and feel of a full-time compliance officer. Yes, it’s that easy! It’s also why businesses all throughout Austin, TX are turning to FLANK for virtual, outsourced, and contracted regulatory compliance officer services and solutions for today’s growing businesses.

Continue reading
  70 Hits
70 Hits

HITRUST Compliance & Consulting Services for Houston, TX Healthcare Organizations

FLANK, a leading provider of compliance services for Texas businesses, offers comprehensive HITRUST compliance & consulting services for Houston, TX healthcare organizations. HITRUST has now become one of the most requested regulatory compliance reports, which means literally tens of thousands of businesses throughout North America must become compliant.

Houston, with a large number of healthcare professionals, has a growing number of businesses seeking highly-qualified, HITRUST professionals, and FLANK is Houston’s leading provider of HITRUST compliance & consulting services.  FLANK offers the following HITRUST compliance & consulting services for Houston, TX businesses:

HITRUST Readiness & Gap Assessments

The HITRUST Common Security Framework (CSF) has two main challenges for healthcare providers. First, it’s an incredibly lengthy, comprehensive, and complex document. Second, it is constantly being revised and updated. These two variables create immense issues for healthcare organizations trying to keep pace with growing regulatory compliance mandates.

Because of these very challenges, it’s highly important to perform a HITRUST readiness & gap assessment. Benefits of such an assessment include the following: (1). Gaining a strong understanding of scope in terms of business processes to be assessed, personnel and physical locations involved. (2). What third-party entities are to be included in the assessment, and more. Furthermore, you’ll be able to readily identify gaps and deficiencies that require immediate attention prior to even thinking about performing a HITRUST assessment by qualified auditors.

HITRUST Toolkit with Policy Templates for Houston Businesses

We hear the story time and time again, and it’s the following: “We need help in writing policies and procedures for HITRUST compliance, so do you offer such services and policy toolkits and templates?” The cold-hard truth is that one of the most demanding and time-consuming aspects of becoming HITRUST compliant is developing policies and procedures, and its why FLANK has developed the HITRUST Policy Template Toolkit.

Continue reading
  84 Hits
84 Hits

Security Policy Templates, Examples, Samples | Hundreds Available | Download

Security Policy Templates | Hundreds Available for Download

Security policy templates, examples, and samples are offered as part of the all-inclusive set of documents from FLANK, a global leader in the field of security documentation for all types of organizations, regardless of size, industry, or location. Security policy template are a must-have, as every business has a justified need to document their technology processes and procedures for a number of obvious reasons. First and foremost, security policy templates help organizations in documenting one’s overall technology infrastructure, starting with the network layer, all the way down into internal hosts, of which many are in virtualized environments.

Who are We? We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services

One of the larger, more pressing demands on businesses today is having security policy templates for regulatory compliance needs. Just stop and think about all the laws, mandates, and security audits, requiring documented policies and procedures - here’s the short list: Payment Card Industry Data Security Standards (PCI DSS), SSAE 18, HIPAA, GLBA, Sarbanes-Oxley (SOX), FISMA, DFARS, and much more.

Hundreds of Security Policy Templates Available for Download

What businesses need today are security policy templates developed by seasoned veterans from the I.T. community - comprehensive documentation that truly encompasses what organizations need from an information security perspective. With the FLANK21 set of operational, business specific, and information security policies, procedures – and more – you’ll get the very best security policy templates found anywhere today.

Security Policy Templates from a Global Leader in Security

FLANK is a recognized global provider of policies, procedures, provisioning and hardening checklists - and other supporting documentation - for companies seeking the highest quality security policy templates, examples, and samples found anywhere. Our talented staff - which includes systems and network engineers, regulatory compliance auditors, along with C level management - have spent years working together in developing what’s arguably some of the most complete and comprehensive set of security policy templates, examples, and samples found anywhere. A quick summary of the FLANK21 set of documents (available for purchase and immediate download) shows just how in-depth and comprehensive our material is:

Continue reading
  118 Hits
118 Hits

GDPR Policy Templates for Download – Get Compliant

GDPR Policy Templates & Toolkit for Instant Download

FLANK offer GDPR policy templates and policies & procedures for instant download today for businesses all throughout the globe looking for high-quality, professionally developed policies and procedures for the General Data Protection Regulation. With a compliance deadline of May, 2018 fast approaching (as of this writing), controllers and processors are no doubt working hard in putting together a compliance framework that meets the stringent guidelines of the GDPR.

Missed the deadline of May, 2018 and still need assistance? Then start saving dozens of hours and thousands of dollars on GDPR compliance by instantly downloading the GDPR All-in-One Global Compliance Toolkit containing hundreds of pages of GDPR policy templates. For GDPR consulting and compliance services, please email us at This email address is being protected from spambots. You need JavaScript enabled to view it. today.

Get Compliant - Download GDPR Policy Templates & Toolkit Now

What’s missing and what’s causing the compliance headache? GDPR policy templates. Specifically, controllers and processors are having a difficult time finding high-quality templates and then the time for authoring GDPR documentation. Not anymore, thanks to FLANK. Businesses can now download the GDPR All-in-One Global Compliance Toolkit containing hundreds of pages of GDPR policy templates.Our GDPR All-in-One Global Compliance Toolkit includes the following essential compliance documents:

1. GDPR Compliance Requirements and Overview Matrix2. GDPR Mapping to ISO 27001/270012 Matrix3. GDPR Compliance Checklist4. ISO 27001/27002: 2013 All-in-One Toolkit5. Information Security & Cybersecurity Policy and Procedures Manual6. Incident Response and Breach Reporting Program – GDPR 7. Breach Notice Letter (Enhanced for GDPR)8. Third-Party Due-Diligence & Vendor Management Program – GDPR9. Data Privacy Notices for Websites (enhanced for GDPR)10. Data Processing Policy and Procedures - GDPR11. Data Processing for Special Categories Policy and Procedures - GDPR12. GDPR Data Protection Impact Assessment (DPIA) Template Program13. Data Protection Officer (DPO) Policy and Procedures - GDPR14. Data Protection Policy and Procedures – GDPR15. Data Quality Policy and Procedures - GDPR16. GDPR Consent Checklist17. Personal Data Inventory Matrix for Data Subjects - GDPR18. Records of Processing Activities Matrix for Data Subjects - GDPR19. Right of Access Policy and Procedures - GDPR 20. Right to Data Portability Policy and Procedures - GDPR 21. Right to Erasure Policy and Procedures - GDPR 22. Right to Object Policy and Procedures - GDPR23. Right to Rectification Policy and Procedures - GDPR24. Right to Restriction Policy and Procedures – GDPR

Authoring GDPR policies and procedures can be an incredibly tedious undertaking, especially when you have little to no templates to start with. Not anymore, thanks to the compliance experts at FLANK who offer world-class GDPR policy documentation that’s available for instant download today. Becoming GDPR compliant has never been quicker or easier, thanks to FLANK’s world-class documentation.

Continue reading
  131 Hits
131 Hits

What is FISMA and NIST?

What is FISMA and NIST?

A: FISMA stands for the Federal Information Security Modernization Act (FISMA) of 2014, It is US legislation creating a comprehensive framework for protecting government information, operations and assets against man-made or natural threats. It is in fact an enhanced version of the original Federal Information Security Management Act signed into law by President George W. Bush in 2002.

NIST, is the acronym for the National Institute of Standards and Technology (NIST), a standards body within the federal government that puts forth a wide-range of publications that set the standards for recommended security controls.

Organizations all throughout North America need to have a solid understanding of the role of FISMA & NIST as federal cybersecurity requirements continue to grow.

What is NIST SP 800-53?

Simply stated, NIST SP 800-53 requires federal contractors to put in place comprehensive information security and privacy policies, procedures, processes, and related internal controls.

It’s a “Special Publication,” titled Security and Privacy Controls for Information Systems and Organizations, and it is one of the most well-respected, well-known, and comprehensive security publications found anywhere in the world. It contains a prescriptive listing of control families and related security and privacy controls that federal contractors need to have in place for becoming FISMA compliant.

Continue reading
  186 Hits
186 Hits

Writing Information Security Policies and Procedures is What We Do Best!

Writing Information Security Policies and Procedures is What We Do Best!

Writing information security policies and procedures is a very time-consuming, arduous task, to say the least. As a business owner or employee, you have to set aside important tasks, find a set of high quality templates - or even worse - dust off those antiquated shelf-ware policies and procedures written years ago. Isn’t there a better way of writing information security policies and procedures? There is, and it starts with FLANK, a global leader in providing documented policies, procedures, forms and checklists for literally anything related to information security.

Who are We? We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits.2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings.3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services.

FLANK and their trusted consultants, who range from network engineers, consultants, auditors to C level management, have put together one of the most in-depth and comprehensive set of information security policies you will find anywhere. It's called the FLANK21 – just how comprehensive are these documents - consider the following:

Hundreds of policies, procedures, forms, and checklistsProvisioning and hardening documents for ensuring all I.T. systems are properly secured before being deployed out on a network.Dozens and dozens of sections and categoriesDocumentation for many of today’s growing fields within information technology, such as cloud computing and virtualization.Extremely detailed and well-written, and growing everyday - thanks to our talented and skillful staff, who are constantly adding more and more quality documents all the time!Developed utilizing various provisions from some of the world’s most recognized information technology benchmarks, standards, and frameworks.Writing Information Security Policies and Procedures is Now Easier than Ever

What’s more, writing information security policies and procedures is easy with the FLANK21 set of documents as it contains literally hundreds of policies, procedures, forms and checklists for every conceivable area or platform related to information security, such as the following:

Network Devices-Templates specifically tailored toward routers, switches, firewalls and more!Operating Systems-Documentation provided for all major operating system platforms, such as Microsoft Windows (their 2003 to 2012 server line), UNIX and all commonly used Linux distributions, (RHEL, etc.)Databases-Policies and procedure documents for MS SQL Server, MySQL, Oracle, and PostgreSQL.Web Servers-Templates for Apache, Tomcat, IIS and more!

But filling out policy templates is one thing, actually have a set of comprehensive procedures and supporting provisioning and hardening documents is what’s also needed when it comes to writing information security policies and procedures. After all, what good is an information security policy if an organization doesn't have supporting procedures for the stated policy or even provisioning and hardening documents describing how to secure system resources?

Continue reading
  142 Hits
142 Hits

FISMA Compliance & Certification Services for Federal Contractors in Texas

FISMA Compliance & Certification Services for Federal Contractors in Texas

FLANK offers comprehensive, fixed-fee FISMA compliance & certification services – and FISMA policy toolkits – for federal contractors all throughout the state of Texas. With hundreds of federal contractors located in Dallas, Houston, Austin, San Antonio – and numerous other locations – such entities are being required to comply with the Federal Information Security Management Act (FISMA) of 2002, which was amended in 2014 and re-named the Federal Information Security Modernization Act (FISMA).

As for FISMA, it’s without question one of the most in-depth and complex compliance mandates, due largely to the fact that becoming compliant means adhering to the controls put forth in NIST SP 800-53. From Access Control (AC) to Program Management (PM), the family of controls within NIST SP 800-53 require a healthy dose of FISMA policies, procedures, and processes to be in place – so turn to the Texas FISMA compliance experts today at FLANK.

Proven FISMA Service and Solutions for Texas Businesses

We offer a variety of services and solutions for helping Texas businesses with FISMA compliance & certification, such as the following:

Fixed-Fee FISMA Readiness & Gap Assessments:  Want to become FISMA compliant in an efficient and cost-effective manner, then Texas businesses would be well-served by performing a FISMA readiness & gap assessment. Brief, cost-effective, yet incredibly useful, such an assessment helps to identify and confirm critical scoping boundaries, missing documentation (i.e., FISMA policies and procedures), along with internal controls requiring immediate remediation. If you’re new to the world of federal compliance, then a FISMA readiness & gap assessment is an absolute must.

One of the biggest challenges faced by federal contractors with FISMA compliance is trying to eliminate the dreaded scope creep. Often times, engagements get bogged down as both sides (i.e., the FISMA assessor and the client) are unsure as to what business functions are to be examined, what personnel are involved, physical locations to be assessed, and much more. This can create an issue where FISMA compliance & certification can spiral out of control, creating immense challenges and cost overruns. How to avoid such a nightmare? Perform a FISMA readiness & gap assessment with FLANK. Contact us today at This email address is being protected from spambots. You need JavaScript enabled to view it. to learn more.

Continue reading
  166 Hits
166 Hits

Network Security Policy Templates, Samples for Download

Network Security Policy Templates, Samples for Download

Network security policy templates, samples, and best practices are a vital necessity in today's growing world of regulatory compliance. There’s literally dozens and dozens of State, Federal, and global laws requiring documented network security policy templates and best practices be in place for proving to auditors of one's security practices.

Unfortunately, most businesses fail miserably when trying to develop their own set of network security policy templates and best practices because they don't have the time or resources for developing comprehensive information security documents. What’s needed is a trusted source and a global leader in providing documented policies, processes, forms and checklists for developing your very own network security policy templates, samples, and best practices.

We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits.2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings.3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services.

Over 5,000 Pages of InfoSec and Network Security Policy Templates – Get them Now

FLANK has spent years developing what is without question some of the most in-depth and comprehensive set of information security documents found anywhere - it’s called the FLANK21 set of documents that contains hundreds of network security policy templates, samples, best practices, and so much more. Sure, we provide industry leading policies and procedures - but so much more - such as essential operational and business specific documents, along with a laundry list of forms, checklists, and templates.

The network security policy templates, samples, and best practices contained within the FLANK21 set of documents contains policies, procedures, forms and checklists for many of the most commonly used firewalls and routers, ranging from Cisco appliances to Palo Alto, just to name a select few. What's more, included also are hundreds of other policy and procedure templates for all major databases (1. MS SQL Server. 2. MySQL. 3. Oracle. 4. PostgreSQL), web server applications (1. Tomcat. 2. Apache. 3. IIS. 4. JBoss), operating systems (1. Microsoft Windows Server line. 2. UNIX. 3. Linux distributions), and many, many more!

Continue reading
  170 Hits
170 Hits

FISMA & NIST SP 800-53 and SP 800-171 Security Policies

FISMA & NIST SP 800-53 and SP 800-171 Information Security Policies and Policy Packets & Writing Services

FLANK offers industry leading FISMA and NIST SP 800-53 policy packets and NIST SP 800-171 information security policies and procedures packets, along with custom InfoSec policy writing services.  In today’s growing world of national security and cybersecurity threats, the federal government has started to aggressively enforce the FISMA mandates signed into law in 2002 (then amended in 2014).

While federal agencies have been working hard on FISMA compliance since 2002, the private sector is now the focus, with contractors being required to adhere to the Federal Information Security Management Act of 2002 (FISMA) and the now enhanced Federal Information Security Modernization Act of 2014 (FISMA).  FLANK can also assist with all aspects of the FISMA certification & accreditation process.

You Need Policies and Procedures for FISMA Compliance

FISMA, like many of today’s security, governance, and compliance mandates, requires a vast amount of documentation to be in place – specifically – information security policies and procedures covering essential I.T. domains within the NIST SP 800-53 publication, and other supporting 800 series documents. From change management to incident response, data backup – and much more – FISMA is all about documentation.

There’s no question a large security and technical element that has to be tended to in terms of FISMA compliance – two-factor authentication, file integrity monitoring, vulnerability scanning, and more – but that’s often well-known. It’s the documentation aspect that’s often overlooked with comments that usually begin with “we have no InfoSec policies and procedures, and we’re not really sure where to start.” 

With FLANK, you have two (2) options. We can author all of your FISMA policies and procedures for you, or you can simply purchase our world-class FISMA Compliant All-in-One Toolkit containing hundreds of pages of professionally developed materials. With FLANK, we give you choices when it comes to FISMA compliance.  Learn more about FLANK’s proven process for FISMA and NIST SP 800-171 compliance by downloading our FISMA Case Study and NIST SP 800-171 Case Study for a recent client implementation. 

Continue reading
  187 Hits
187 Hits

FISMA Compliance & DFARS NIST 800-171 WDC, VA, MD

FISMA Compliance & DFARS NIST 800-171 Services for Washington, D.C., Virginia, Maryland Contractors

FISMA compliance, certification & accreditation services, along with DFARS NIST 800-171 compliance solutions for federal contractors in Washington, D.C. Virginia, and Maryland are available from FLANK. As one of North America’s leading providers of federal regulatory compliance services and solutions, we’re the company to turn to in the greater WDC metropolitan area for both FISMA and DFARS NIST 800-171 assistance.

The U.S. Government is FINALLY Serious about Security & Compliance

Over the last decade, the federal government has been hard at work ensuring all agencies are actually compliant with FISMA, however, the thousands of contractors providing critical services to such agencies have not been following along as required. But times have changed indeed. The Department of Health and Human Services (HHS), Department of Defense (DoD) and many other agencies have sounded the alarm to federal contractors, effectively demanding that thousands of businesses become FISMA and/or DFARS NIST 800-171 compliant. Gone are the days of weak enforcement, replaced now with an expansive set of rulings aimed at helping combat growing cybersecurity threats that are causing serious challenges for the federal government.

Are you a federal contractor in Washington, D.C. Virginia, or Maryland providing essential services to any number of governmental agencies? If so, and you’re not FISMA and/or DFARS NIST 800-171 compliant, the winds of change are blowing, so here’s what you need to know.

What you Need to Know Regarding FISMA Compliance & DFARS 800-171FISMA and DFARS NIST 800-171 are a Culture Change

Both of these mandates are extensive indeed, not some lightly regarded compliance measure where you can check the box and be done. Not at all. The growth in information security has unfortunately resulted in massive cybersecurity threats and attacks aimed at federal agencies, and the thousands of contractors used for providing support services.

Because of this, the government looked long and hard in what really makes sense for ensuring contractors and other down-stream providers have adequate InfoSec controls in place. Thus, enter FISMA (which has been in place since 2002, but now only heavily enforced), and more recently, the DFARS NIST 800-171 requirements.

Continue reading
  237 Hits
237 Hits