1 / 10

Security Risk Solutions , Inc. SBIOI - 27 January 2011

Security Risk Solutions , Inc. SBIOI - 27 January 2011. About Security Risk Solutions, Inc. Woman Owned Small Business Launched in 2004 Serving Federal and Private Sector Clients Information Security and Risk Management Consulting Services Including :

taryn
Download Presentation

Security Risk Solutions , Inc. SBIOI - 27 January 2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Risk Solutions, Inc.SBIOI - 27 January 2011

  2. About Security Risk Solutions, Inc. • Woman Owned Small Business • Launched in 2004 • Serving Federal and Private Sector Clients • Information Security and Risk Management Consulting Services Including: • Information Assurance Risk Management • Program Risk Management • Vulnerability Assessments & Penetration Testing • Business Impact Analyses • Security/Compliance Audits & Reviews • Healthcare Systems Interoperability and Health IT Security and Privacy • OCTAVE Training

  3. Core Service Offerings

  4. Representative ClientsandPartners • Space and Naval Warfare Systems Center Atlantic • Cyber Analysis and Infrastructure Protection (CODE 56110) • Multi-Dimensional Resiliency Model (MDRM) - NRO • NGB – Electronic Security Systems (Security Test and Evaluation) • VA: • Chapter 33 Post 9/11 GI Bill: Risk Management, IT Contingency Planning • JAL FHCC: Program Risk Management • Navy Medicine: • NAVMISSA IT Contingency Planning – MTFs and PORs • EIA Organizational and Technical Risk Management • US Department of Health and Human Services: • ONCHIT (Office of the National Coordinator for Health IT) Standards Harmonization Collaborative program in conjunction with the American National Standards Institute (ANSI) • Led Development of Technical Interoperability Specifications for Security, Privacy and Infrastructure (HITSP Standards incorporating HL7 messaging, XACML, XSPA etc) • Standards published in the Federal Register in January 2009

  5. Representative ClientsandPartners • FDA/NIH: Security design, development and C&A for inter-agency programs including: • Safety Reporting Portal for Adverse Effects: www.safetyreporting.hhs.gov • IBC-RMS: The Institutional Biosafety Committee Registration Management System designed to support monitoring of Institutional Biosafety Committees conducting recombinant DNA research. • GeMCRIS: The NIH/FDA Genetic Modification Clinical Research Information System supports human gene transfer research. • Georgetown University Medical Center - Global Argus: Indications and Warnings (I&Ws) to alert U.S. responders of an imminent bioevent. Used by the NIH and the U.N.'s WHO to check for outbreaks of all kinds, from SARS to avian flu. • Princeton Healthcare System (PHCS), Cancer Treatment Centers of America (CTCA), and other commercial healthcare organizations. • The Independent Electricity System Operator (IESO), Canada • OASD/HA, in conjunction with Georgetown University and the Telemedicine and Advanced Technology Research Center (TATRC) at Ft. Detrick, MD. • Software Engineering Institute (SEI) / CERT® Coordination Center (CERT/CC) at Carnegie Mellon University (a Federally Funded Research Center); Networked Systems Survivability Group

  6. SEI/CERT Activities • OCTAVE Training is on the SRS GSA schedule (IT70) • SEI/CERT utilizes SRS staff to Conduct research and on-site engagements with the Networked Systems Survivability group in the areas of Risk Management, Mission Assurance Analysis Protocol (MAAP), Resiliency Management Model and other related areas. ® OCTAVE is registered with the U.S. Patent and Trademark Office by Carnegie Mellon University Operationally Critical Threat, Asset, and Vulnerability Evaluation is a service mark of Carnegie Mellon University. OCTAVE: Operationally Critical, Threat, Asset and Vulnerability Evaluation SRS has conducted instructor (Train the Trainer) and General OCTAVE training classes at SEI/CERT and for our own clients

  7. Task Team Composition

  8. 2009 D&B Open RatingsPast Performance Report

  9. Corporate Information

  10. Contact Information Johnathan Coleman, CISSP, CISM, CBRMPrincipal, Security Risk Solutions, Inc.698 Fishermans Bnd., Mt. Pleasant, SC 29464Tel: (843) 647-1556  Cell:(843) 442-9104 JC@SecurityRS.com Joseph Sabin Esq., CISSP, CBCP, ITIL,CRISC Director, Federal IA Programs Security Risk Solutions, Inc. Tel: (843) 277-0016 Cell: (843) 814-6117JS@SecurityRS.com Ronald Krutz, Ph.D., PE, CISSP, ISSEP Chief Scientist Security Risk Solutions, Inc. Tel: (843) 277-0016 RK@SecurityRS.com Website: www.securityrisksolutions.com Papers/Publications: www.securityrs.com/papers.htm

More Related