- Continuous monitoring of security controls and their effectiveness
- Audit trail collection and reporting
- Determining acceptability of security controls in terms of risk
- Enabling assessment of implementation & effectiveness of controls
- Collecting and reporting on logs from all assets and activities
Om Group applies a proactive approach to safeguarding a customer’s IT environment and data. Regardless where your AIS, Enclave, Platform IT, or outsourced service/information system resides in the System Life Cycle (SLC), or your system/security categorization, Om Group has trained and certified personnel to ensure you meet or exceed DoD and Federal compliance requirements.
In supporting DIACAP/RMF activities, our subject matter experts have the proper and current information assurance certifications to perform information assurance functions in accordance with DoD 8570.01-M, Information Assurance Workforce Improvement Program -- tailored to the appropriately assigned IAT level and Computing Environment (CE).
Our IA support follows all Federal compliance requirements: DODI 8510.01 RMF for DoD IT, FIPS 140-2, FIPS 200, FIPS 201, FISMA, HIPAA, OMB, NIST, NSA, CNSS, and DCID
OM Group team ensures your software/application, web service, desktop application, IA Tool, or collaboration tool meets the requirements for a Certificate of Net worthiness (CoN). Our services include support for Government Off the Shelf (GOTS) and Commercial Off the Shelf (COTS) and spans the US Army, Army National Guard (ARNG), Army Reserve, DoD, and, Federal information systems.
Om Group’s IA experts follow a code of practice for information security controls based on industry leading certification in ISO/IEC 27000:2016 for Security techniques -- information security management systems
Our customers rely on our deep experience in trusted IT security tools and techniques to quickly assess current maturity levels, situation and needs. We implement metrics-based security solutions that will measurably improve your overall security posture. From our experience, RMF is more than just compliance – it’s about identifying and mitigating the impact to your mission if the non-compliant control is exploited, and preparing contingencies should the unexpected happen.