Cyber Analysis & Engineering

Focus on 5 risk management steps (1) Identify Risk (2) Analyze Risk (3) Evaluate Risk (4) Mitigate and (5) Monitor Risk.

Provide a detailed plan of corrective actions and provide the plans for the remediation measures needed in response to information security weaknesses and threats. Expert Accreditation Oversight and Assistance: Security-related technical support for accreditation activities to include system security plans, system security authorization agreements, concepts of operations, security requirement traceability matrices, test plans and plans of actions and milestones.

Establish baseline configurations and inventories of organizational information systems that include hardware, software, firmware and documentation for networks as well as establish security configuration settings for technology products. Create change control procedures.

Security starts and ends with an informed user-base. Drake IA Solutions provides a proactive training and awareness culture through on-site training, remote or train-the-trainer sessions that allow managers and users of organizational information systems to be aware of security risks and focus on having adequately trained personnel.

Ensuring the Information Systems Security department’s policies, procedures and practices are compliant with business/agency standards. Developing and/or reviewing System Security Plans, Security Assessment Reports, Privacy Impact Analysis, Contingency Plans and Disaster Recovery Plans. Also performing routine evaluations of these documents, security scan results and system settings in order to address controls deemed insufficient or updates to controls for remediation.

Providing an efficient Document Management System (DMS) to help enhance data security and keep sensitive business and personal information, personally identifiable information and protected health information secure through access control, authentication, usage control, encryption and proper back-up.