SCENARIO: Wilson Consulting Group (WCG) was contracted to help create a Certification and Accreditation (C&A) program for a federal agency that is responsible for administering medical-related services to ensure that good information security practices are in place and maintained.
The agency is responsible for the payment of more than$400 billion annually for medical services provided to nearly 90 million program beneficiaries and recipients. They have about 4,900 employees at their central site, with ten regional offices throughout the country. In the administration of these national programs, they utilize many assets, including buildings, facilities, communications equipment, computer systems, employees, and contractors. A breach of any one of these assets could affect the quality of support provided by the agency to its customers.
The agency required a system of cost-effective information security controls to protect the information it collects, including privacy and proprietary data, procurement data, inter?agency data, and privileged system information. Access to such information is controlled by various federal acts and guidelines, such as FISMA and NIST. The agency has a legal responsibility to maintain the confidentiality and integrity of this information.
WCG's Strategy: To ensure that good information security practices were in place and maintained, WCG helped the agency create an effective C&A program, with information security policies and standards that met Office of Management and Budget (OMB) and NIST requirements.
RESULTS: To create these policies and programs, WCG:
With a solid C&A program in place, the agency’s management team can now effectively make risk-based decisions concerning the security of the applications, systems, and infrastructures within its purview.
WCG developed a budget to support the system improvements and implementation...
WCG exceeded all of the ministry’s requirements for improving the security of its IT system...
WCG can help your company meet these security challenges and regulatory hurdles...
WCG provided deliverables on time, on budget, and to the HIPAA specifications, thus enabling...
WCG effectively assisted government agenciesand businesses in Sub-Saharan Africa to overcome...
WCG successfully prepared certification, procedures and approvals for the complex multi-tiered...
WCG helped the organization rectify all risks based on the findings of the vulnerability ...
WCG Reviewed, updated, and developed information security guidelines...
As GDPR was fast approaching, the company needed to see if their processes were aligned with regulations...
A private research university needed to create its GLBA program...
Cyber-attacks damage an institution’s reputation, disrupt the operation of a business...
