In an era of high-profile cyber-attacks and continuous data breaches it’s paramount that information security and assurance is an integrated consideration in any information technology initiatives regardless of whether it’s remediation of existing enterprises or building new systems. To build user confidence and to adhere to the strictest security measures, TMC incorporates industry best-practices, agency policies, and government directives into all of our projects. To protect our customers’ systems and data, our designs ensure information system security by complying with the Federal Information Security Management Act (FISMA) regulations detailed in the NIST 800 series Special Publications and FedRAMP program guidelines.
TMC is planning to increase focus to these capabilities in the upcoming fiscal year to include an Information Assurance and Cloud Services Division, complementing the services already being provided under the existing TMC Systems Assurance Division, IT Engineering and Operations Division, and Commercial Systems Division.
Certification & Accreditation
TMC’s Information Assurance experience is broad and has been gained by performing enterprise enclave certification and accreditation (C&A) as well as through integrating it into our software & systems development projects. For example, TMC was deeply involved in the DoE National Energy Technology Laboratory (NETL) Enterprise certification and accreditation project in which we performed enclave and cyber security policy evaluation for NETL. Additionally, at the commencement of every project, our team works closely with our customers’ cyber security organization to perform a risk assessment, identify all relevant security controls, define mitigation strategies, and incorporate those strategies into our designs right from the beginning rather than as an afterthought