Rivera Group Secures, Automates, and Strengthens Critical Systems
The Challenge
Our DoD client wanted to reach 100% cybersecurity compliance for all managed systems with the Defense Information Systems Agency (DISA), the Federal Information Security Modernization Act (FISMA), the National Institute of Standards and Technology (NIST), and the United States Federal Policy for Risk Management Framework (RMF).
To meet this strenuous goal, the client awarded Rivera Group the task to provide a multi-layered approach to cybersecurity services that includes comprehensive Information Assurance Vulnerability Management (IAVM), Risk Management Framework (RMF), patch management, and system testing prior to the fielding of new software, or software change packages (SCP).
See how this federal agency reached complete cybersecurity compliance.
Don’t worry, we hate spam too. We won’t share your details with anyone.
The Solution
To achieve complete cybersecurity compliance, Rivera Group's team delivered expertise in several areas:
Information Assurance Vulnerability Management (IAVM):
- Perform monthly Assured Compliance Assessment Solution (ACAS) scans
- Perform Independent Verification and Validation (IV&V) testing
- Implement Security Technical Implementation Guides (STIGs)
RMF Compliance:
- Prepare IA certification and accreditation (C&A) documentation
- Ensure all information assurance management (IAM) review items are tracked and reported in Enterprise Mission Assurance Support Services (eMASS)
- Ensure non-remediated items are correctly documented
System Testing:
- Conduct software and hardware tests, including validation of functional and technical requirements
- Develop test and evaluation master plans, operational process maps, storyboards, technical and security test scenarios, and traceability matrixes
Configuration Management:
- Maintain an online, controlled access library that contains business, legacy, bridge application software, COTS products, test, and integration facility standard operating procedures (SOP), active test documentation, and test artifacts
- Maintain the integrity of the application baselines and benchmark databases during testing
Information Technology Engineering Services:
- Setup, maintain and reconfigure the test environment as needed to support software qualification and system acceptance testing requirements
- Provide expert guidance in functional working groups, application blueprinting, preliminary design reviews, critical design reviews, program progress reviews, and other system design reviews to support system testing
The Results
In just one year, Rivera Group supported 34 successful security inspections for our DoD client. This outstanding success won our client the coveted Signaler's Bronze Order of Mercury delivered by the U.S. Army 7th Signal Commander. This prestigious award recognizes those who have demonstrated the highest standard of integrity and professional competence.
Rivera Group's work on the HSIB contract also achieved the following:
- Achieved 100% approval on all logistics systems submitted for certification for Authorities to Operate (ATOs)
- Reached 100% of goals for annual continuous monitoring by successfully evaluating 2,600 controls
- Achieved 100% cybersecurity compliance for all logistics software releases
- Improved Information Assurance Vulnerability Management for all logistics systems
- Set the highest standards for installation, configuration management, and test facilitation for all evaluated systems
- Set the highest quality for Government Acceptance and Interoperability Test (GAIT)