Information Assurance

Information Assurance

SRC defines complex operational and technological requirements by researching and identifying best-in-industry solutions and delivering unbiased and credible recommendations. We deliver information assurance support to the intelligence community and DHS in the following areas:

IA Policy and Program Planning

SRC seeks to ultimately enhance the customer's overall business processes through IA policy and program planning. This starts by defining an IA infrastructure and the roles and responsibilities. We then devise training standards, develop self-evaluation processes and identify existing or needed skill sets to implement an effective IA program.

Information Risk Analysis

SRC helps determine the sensitivity, criticality and lifespan of corporate information, taking particular note of "crown jewels." We then profile the user base, looking at the information needs, access privileges and characteristics specific to its use. Our analysts then conduct assessments that identify and correlate threats to vulnerabilities. We conclude this study with an estimate of the organization's information risk.

Protection Engineering

We develop processes for network monitoring and computer defense metrics. SRC also institutes vulnerability scanning in support of reliable, patch-level situational awareness and management.

Certification and Accreditation

SRC works with SCOs, ISSMs, and directorate acquisition, development and operations managers to establish security requirements and the C&A boundary. We define accreditation criteria, review certification test results and recommendations, and prepare the CIO to make informed risk management decisions.

Contact Us

For more information about our capabilities with information assurance, please contact us today.