Compliance Services for Federal Agency | Case History

WCG performed a variety of services, including system documentation assessment, security certification and accreditation, and other tests to assess the effectiveness of the DSTM security controls.

Request Consultation

WCG Strategies

ATO certification requires that systems be tested to verify compliance with applicable federal management, operational, and technical security guidelines, regulations, and controls. These guidelines included, but were not limited to:

The tests and services WCG performed included:

OMB Circulation A – 130, Management of Federal Information Resources
Department of Labor (DOL) Computer Security Handbook
DOL System Development Lifecycle Manual (SDLCM)
DOL Technical Security Standards Manual
NIST SP 800-30, Risk Management Guide for IT Systems
NIST FIPS 31, Guidelines for ADP Physical Security and Risk Management
NIST SP 800-37 (draft), Guidelines for Security Accreditation of IT Systems
NIST SP 800-18, Guide for Developing Security Plans for Information Technology Systems
Administration Procedures Act
Title 29, Code of Federal Regulations, Part 70
Information Technology Management Reform Act of 1996
Privacy Act of 1974
Computer Fraud & Abuse Act of 1986, as amended
Freedom of Information Act, as amended
E-Government Act of 2002
Department of Labor Technical Security Standards Manual (TSSM)
Department of Labor FIPS 199/Security Self-Assessment (MS Access)
Federal Information Processing Standards (FIPS 199)
NIST Special Publication 800-53, “Recommended Security Controls for Federal Information Systems”
NIST Special Publication 800-60, “Guide for Mapping Types of Information & Information Systems to Security Controls”

The assessment’s findings and recommendations were outlined in the recent Office of the Inspector General (OIG) reports. These included:

DOL and Occupational Safety and Health Administration (OSHA)security policies and procedures, and their enforcement
Emergency response and recovery plans
Physical security of facilities and equipment housing the information systems
Use of the applications security features, including user administration and access control
Level of user awareness and technical personnel training in security issues and technology
Use and protection of all outside connections, including access via LANS, dial-up, and individual workstations/servers
Susceptibility to non-technical attacks
Unintended use of the information systems by OSHA personnel

Why WCG?

Leveraging cutting-edge Cyber Security practices, our FedRAMP process, and internal application, we provide an accelerated and simplified approach to evaluate controls and identify deficiencies. Whether you require Cyber Security services, training, or consulting, our adept team ensures a swift and efficient readiness for authorization within 60 days, resulting in an impressive 80% faster time to market.

Our competitive and transparent pricing model eliminates hidden agendas, miscellaneous charges, or add-on fees, offering you a remarkable 40% cost savings compared to other providers. As specialists in Cyber Security training and assessments, our dedicated team boasts unparalleled talent, knowledge, and experience in conducting FedRAMP assessments and consulting in alignment with NIST 800-53 Revision 5.

With unique experiences working alongside federal government agencies such as the Department of Homeland Security, Department of Defense, and General Services Administration, as well as corporate cloud services providers serving the federal government, we possess the expertise to ensure the success of your assessments and Cyber Security initiatives.

Knowledgeable and Experienced Team

Our team, seasoned in cyber security, brings unparalleled experience to assist governments and businesses globally. We specialize in defending against cybercrime, reducing risks, ensuring regulatory compliance, and transforming IT, security operations, and infrastructure. Our comprehensive services encompass the latest advancements in cyber security to fortify your digital defences effectively.

Practical Guidance

WCG has hands-on IT experts who have extensive knowledge and experience helping businesses.

Reasonable Pricing

We provide simple, straightforward pricing with no hidden agenda, miscellaneous charges, or add-on fees.

Personalized Customer Service

Our personable, dedicated staff to answer any questions you have at any time throughout the process.

Proven Track Records

WCG has an exceptional reputation and track record for numerous services.

Adopting to Your Needs

We develop and customize an approach that suits your immediate requirements and future goals. To achieve this, WCG will provide pragmatic insights and balanced views on how to prioritize any associated actions.