Cyber Security Assessments and IT Audits

SysAudits offers a variety of cyber security services that include Federal mandated FISMA assessments and IT audits.

FISMA Assessments and Audits

The Federal Information Security Management Act (FISMA) is a federal law under the E-Gov Act that was enacted to increase the security posture of government agency federal systems, bureaus, departments and their supporting entities. For Federal agencies that are required to comply with FISMA, the requirement extends to compliance with their 3rd party providers which may include outsourced data centers, application providers, and cloud service providers.

SysAudits offers a variety of services to assist in meeting FISMA compliance from an operational OCIO and an Inspector General (IG) audit perspective. OCIO pre-assessments can assist IT leadership in identifying weaknesses in meeting FISMA and assist in developing plans of actions and milestones prior to an Audit assessment. The value in an internal self-assessment is identifying weaknesses prior to an external audit. Audit assessments are clearly performed as an independent audit to determine an organization compliance in meeting FISMA. Both findings and recommendations are identified with reporting to meet the Cyberscope reporting deadline.

SysAudits staff have extensive experience on both the Audit and CIO perspective. This perspective brings value in performing pre-assessments and audits which makes SysAudits stand out amongst other consulting firms. SysAudits methodology consists of assessing, testing and reviewing information systems through in-depth assessment of NIST defined management, operational, and technical testing of controls. The following represents services provided by SysAudits:

IT Audits

SysAudits has extensive experience in performing all types of IT audits that include audits of: