We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byNeal Offield
Modified over 2 years ago
© 2010 by Security Risk Solutions, Inc. Security Risk Solutions, Inc. SBIOI - 27 January 2011
© 2010 Security Risk Solutions, Inc. 2 Woman Owned Small Business Launched in 2004 Serving Federal and Private Sector Clients Information Security and Risk Management Consulting Services Including: Information Assurance Risk Management Program Risk Management Vulnerability Assessments & Penetration Testing Business Impact Analyses Security/Compliance Audits & Reviews Healthcare Systems Interoperability and Health IT Security and Privacy OCTAVE Training About Security Risk Solutions, Inc.
© 2010 Security Risk Solutions, Inc. Core Service Offerings 3 Information Assurance Risk Management Services Information Assurance Risk Management Organizational Business Impact Analysis Organizational Resiliency Planning Test Training and Exercise (TT&E) Policy and Guidance Development and Compliance Program & Project Risk Management Services Audit and Development of Corporate and Regulatory Compliance Programs Information Assurance Program and Project Management Information Assurance Technical Services Technical Vulnerability Assessments Continuity of Operations Certification and Accreditation Application Assessments Penetration Testing and Analysis Health IT Services Standards Harmonization and Interoperability Health IT Security and Privacy Services
© 2010 Security Risk Solutions, Inc. 4 Space and Naval Warfare Systems Center Atlantic Cyber Analysis and Infrastructure Protection (CODE 56110) Multi-Dimensional Resiliency Model (MDRM) - NRO NGB – Electronic Security Systems (Security Test and Evaluation) VA: Chapter 33 Post 9/11 GI Bill: Risk Management, IT Contingency Planning JAL FHCC: Program Risk Management Navy Medicine: NAVMISSA IT Contingency Planning – MTFs and PORs EIA Organizational and Technical Risk Management US Department of Health and Human Services: ONCHIT (Office of the National Coordinator for Health IT) Standards Harmonization Collaborative program in conjunction with the American National Standards Institute (ANSI) Led Development of Technical Interoperability Specifications for Security, Privacy and Infrastructure (HITSP Standards incorporating HL7 messaging, XACML, XSPA etc) Standards published in the Federal Register in January 2009 Representative Clients and Partners
© 2010 Security Risk Solutions, Inc. 5 FDA/NIH: Security design, development and C&A for inter-agency programs including: Safety Reporting Portal for Adverse Effects: www.safetyreporting.hhs.govwww.safetyreporting.hhs.gov IBC-RMS: The Institutional Biosafety Committee Registration Management System designed to support monitoring of Institutional Biosafety Committees conducting recombinant DNA research. GeMCRIS: The NIH/FDA Genetic Modification Clinical Research Information System supports human gene transfer research. Georgetown University Medical Center - Global Argus: Indications and Warnings (I&Ws) to alert U.S. responders of an imminent bioevent. Used by the NIH and the U.N.'s WHO to check for outbreaks of all kinds, from SARS to avian flu. Princeton Healthcare System (PHCS), Cancer Treatment Centers of America (CTCA), and other commercial healthcare organizations. The Independent Electricity System Operator (IESO), Canada OASD/HA, in conjunction with Georgetown University and the Telemedicine and Advanced Technology Research Center (TATRC) at Ft. Detrick, MD. Software Engineering Institute (SEI) / CERT® Coordination Center (CERT/CC) at Carnegie Mellon University (a Federally Funded Research Center); Networked Systems Survivability Group Representative Clients and Partners
© 2010 Security Risk Solutions, Inc. SEI/CERT Activities OCTAVE: Operationally Critical, Threat, Asset and Vulnerability Evaluation SRS has conducted instructor (Train the Trainer) and General OCTAVE training classes at SEI/CERT and for our own clients 6 ® OCTAVE is registered with the U.S. Patent and Trademark Office by Carnegie Mellon University Operationally Critical Threat, Asset, and Vulnerability Evaluation is a service mark of Carnegie Mellon University. OCTAVE Training is on the SRS GSA schedule (IT70) SEI/CERT utilizes SRS staff to Conduct research and on-site engagements with the Networked Systems Survivability group in the areas of Risk Management, Mission Assurance Analysis Protocol (MAAP), Resiliency Management Model and other related areas.
© 2010 Security Risk Solutions, Inc. Task Team Composition 7
© 2010 Security Risk Solutions, Inc. 2009 D&B Open Ratings Past Performance Report 8
© 2010 Security Risk Solutions, Inc. Corporate Information Corporate Name:Security Risk Solutions, Inc. (SRS) Company Category:Small Business, Woman Owned Business Incorporation Status: S-Corporation State of Incorporation: South Carolina Facility Security Clearance: Top Secret Products and Services Offered Information Security Professional Services including Technical Vulnerability Assessments, Technical and Business Risk Assessments, Consulting, and Regulatory Compliance Audits. SRS also conducts leading edge research and validates emerging security assessment methodologies for the CERT at the SEI. Years in Business: Currently in 7th year. D&B (D-U-N-S) Number: 192835390 CAGE Code: 41MQ0 GSA IT70 Contract: GS-35F-0034W SeaPort-e: SN00178-07-D-5055 (Evolvent Acquisition Corporation ) N00178-04-D-4024 (Booz Allen Hamilton) Website: www.SecurityRiskSolutions.com 9
© 2010 Security Risk Solutions, Inc. Contact Information 10 Johnathan Coleman, CISSP, CISM, CBRM Principal, Security Risk Solutions, Inc. 698 Fishermans Bnd., Mt. Pleasant, SC 29464 Tel: (843) 647-1556 Cell:(843) 442-9104 JC@SecurityRS.com Johnathan Coleman, CISSP, CISM, CBRM Principal, Security Risk Solutions, Inc. 698 Fishermans Bnd., Mt. Pleasant, SC 29464 Tel: (843) 647-1556 Cell:(843) 442-9104 JC@SecurityRS.com Joseph Sabin Esq., CISSP, CBCP, ITIL,CRISC Director, Federal IA Programs Security Risk Solutions, Inc. Tel: (843) 277-0016 Cell: (843) 814-6117 JS@SecurityRS.com JS@SecurityRS.com Joseph Sabin Esq., CISSP, CBCP, ITIL,CRISC Director, Federal IA Programs Security Risk Solutions, Inc. Tel: (843) 277-0016 Cell: (843) 814-6117 JS@SecurityRS.com JS@SecurityRS.com Website: www.securityrisksolutions.comwww.securityrisksolutions.com Papers/Publications: www.securityrs.com/papers.htmwww.securityrs.com/papers.htm Ronald Krutz, Ph.D., PE, CISSP, ISSEP Chief Scientist Security Risk Solutions, Inc. Tel: (843) 277-0016 RK@SecurityRS.com Ronald Krutz, Ph.D., PE, CISSP, ISSEP Chief Scientist Security Risk Solutions, Inc. Tel: (843) 277-0016 RK@SecurityRS.com
Public Health Data Standards Consortium
Overview 4Core Technology Group, Inc. is a woman/ veteran owned full-service IT and Cyber Security firm based in Historic Petersburg, Virginia. Founded.
Prepared for: DISA September 17, 2003 Establishing a Government Information Security System Presented to the IT AND COMMUNICATIONS SYSTEMS SECURITY CONFERENCE.
TM Coordinating the Functions, Uses and Activities of Systems and Organizations Involved in Public Health Surveillance John W. Loonsk, M.D. Director Information.
EECS 710: Information Security and Assurance Assignment #3 Brent Frye 10/13/
DOD SOFTWARE ASSURANCE INITIATIVE: Mitigating Risks Attributable to Software through Enhanced Risk Management Joe Jarzombek, PMP Deputy Director for Software.
Navigating IT Solutions.Delivering Results. Bay State Proprietary l CAPABILITY BRIEFING FOR MITRE 12TH SERVICE ORIENTED ARCHITECTURE.
INTERNATIONAL HEALTHCARE STANDARDS LANDSCAPE
Seeking a National Standard for Security: Developing a Systematic Crosswalk of the Final HIPAA Security Rule, the NIST SP , NIST SP Security.
The TJU Human Research Protection Program (HRPP): Part I – Which Entities/Offices are Involved ? J. Bruce Smith, MD, CIP.
1 National Audioconference Sponsored by the HIPAA Summit June 6, 2002 Chris Apgar, CISSP Data Security & HIPAA Compliance Officer Providence Health Plan.
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
KEITH CANTANDO, CBCP CORPORATE SECURITY - PROGRAMS PROGRESS ENERGY PS-Prep (DHS – Voluntary Private Sector Preparedness Accreditation.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Cloud security https://store.theartofservice.com/the-cloud-security-toolkit.html.
Managing Compliance Related to Human Subjects Research Review Joseph Sherwin, Ph.D. Office of Regulatory Affairs University of Pennsylvania Fourth Annual.
Public Health Data Standards A View from the Front Lines Bethesda, MD March 17, 2004 Presentation to PUBLIC HEALTH DATA STANDARDS CONSORTIUM 2004 ANNUAL.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
Safety organization and training. The biosafety officer and biosafety committee A safety policy, A safety manual, and Supporting programmes for their.
“Navigating IT Solutions. Delivering Results.” Bay State, Inc. ◊ 4201 Northview Drive, Suite 408, Bowie, MD ◊ t: ◊
Open Health Tools Membership Presentation G&B Solutions Soori Kani Vice President, Health Strategy September 9, 2011.
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
Chapter 6 – Data Handling and EPR. Electronic Health Record Systems: Government Initiatives and Public/Private Partnerships EHR is systematic collection.
S2-1 © 2001 Carnegie Mellon University OCTAVE SM Process 2 Identify Operational Area Management Knowledge Software Engineering Institute Carnegie Mellon.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Research Compliance: An Overview of the Players and Issues Involved in Emory’s Research Compliance Programs.
Charleston Defense Contractors Association Small Business and Industry Outreach Initiative 22 July, 2010.
Ray Greenlaw, School of Computing Armstrong Atlantic State University 1 Regional Center for Cyber Security Education and Training January 2003.
IOM Committee on DHS Occupational Health & Operational Medicine Infrastructure Federal Occupational Health Services Gene Migliaccio, DrPH, Director Herman.
SMALL BUSINESS SHOWCASE COACT, Inc. is a Service Disabled Veteran Owned Small Business (SDVOSB). Niche Areas: Certification & Accreditation (C&A) FIPS140.
HW&W, Incorporated 7602 Granada Drive Bethesda, MD Telephone: H W & W, Incorporated e-Business Strategies “Providing Just-in-Time Solutions.
© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.
Navigating VA Nursing Research VA Office of Nursing Services NRFAC Instructions: This PowerPoint file should be viewed in Slideshow mode. For each slide,
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
DHS, National Cyber Security Division Overview
Professional Services Overview
Orbis, Inc. SeaPort Enhanced A Small Business Perspective Stephen W. Law Director, Washington Operations (202)
The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.
Homeland Security at the FCC July 10, FCCs Homeland Security Focus Interagency Partnerships Industry Partnerships Infrastructure Protection Communications.
© 2016 Chapter 6 Data Management Health Information Management Technology: An Applied Approach.
CTTSO Overview John Morgan, Deputy Director for Science and Technology, CTTSO September 2010.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.
1 Healthcare Informatics Landscapes, Roadmaps, and Blueprints: Towards a Business Case Strategy for Large Scale Ontology Projects Intergovernmental Health.
Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.
Assured Information Solutions, LLC Securing the Life Blood of Business - INFORMATION Christopher D. Peele CISSP-ISSEP Chief IA Analyst.
Health Information Technology Standards Panel Ed Mikoski 19MAR09 TIA Healthcare ICT Section Teleconference.
Company: Cincinnati Insurance Company Position: IT Governance Risk & Compliance Service Manager Location: Fairfield, OH About the Company : The Cincinnati.
© 2017 SlidePlayer.com Inc. All rights reserved.