Re: FISMA assessments - NY

dupeone · ‎10-30-2019

Hi All,

I am looking for recommendation on a good firm that handles FISMA assessments. Something more than just interviews and "honesty" policy of assessment. Looking at controls, network, verification of controls and countermeasures. Ideally in the New York area, but if the firm is good and travels, that works as well.

Thank you for any help you can lend.

thanks

Troy_Fine · ‎10-30-2019

http://www.kratostts.com/solutions/cybersecurity-and-ia/cybersecurity-risk-management/fisma

I work closely with them. They are out DC area, but work with clients all over. I specialize in SOC 2 audits and they specialize in FISMA/FedRAMP, so its a good relationship. Happy to provide an introduction. You can email me at tfine@schneiderdowns.com if you would like an intro.

carter1679 · ‎10-30-2019

Hello,

So if you are not a USG entity, why are you looking for a FISMA assessment rather than prep for CMMC using the proposed categories 1-5 to measure against 800-171? Not faulting, just asking?

Carter

dupeone · ‎10-30-2019

FISMA is a compliance requirement for some government contracts the entity
has been awarded.

carter1679 · ‎10-30-2019

I am in the Red Bank, NJ area. More than happy to set up a call with you.
Having been a GovCon supporting DOD, DHS CISO, and Justice, I have
significant experience in this area and would like to make sure your firm
doesn't go too far down a path that may prove to be an issue next year.

Carter (202) 660-8066

--
"What's the matter Brad? I've been nominated by the President!"
But its not official until its confirmed by the Senate?

"Well,...they have their schedule. And I have mine!"