Complete FISMA Preparation*
Our FISMA and Project Management professionals guide System Owners through the complete process, from identifying system boundaries and data types to addressing any findings from the independent assessor and creating the authorization package for the Authorizing Official.
Our Gap Analysis service identifies policies, procedures, and tools that are already in use by your organization and applies those to FISMA/FedRAMP requirements. We identify additional items needed and the existing items that must be augmented to satisfy NIST SP 800-53 specified controls required to achieve FISMA/FedRAMP compliance.
Enterprise Program Support
FISMA legislation requires an enterprise-wide approach to a security program. This program establishes common controls, such as organizational policies and standards, provides guidance to system owners, and tracks and reports progress to OMB or similar organizations. Additionally, enterprise programs leverage FedRAMP Provisional Authorizations to Operate, may sponsor CSPs, and establish guidance for controls still belonging to the cloud subscriber. Logyx™ helps establish and manage such programs, offering consultation on how to improve efficiencies and effectiveness.
Independent Assessment -- FISMA*
Logyx™ provides the independent assessment required for Cloud Services and Information Systems categorized as Moderate or High. Our assessment methodology is an enhancement to the NIST guidance, is easily modified to accommodate specific organizational needs, and records evidence of the effectiveness and appropriateness of all the 800-53 specified controls. Logyx™ has also developed a Continuous Compliance approach which spreads the assessment over three years to maintain compliance and minimize impact to the budgeting process.