IT Phenoms, Inc. is a woman-owned small business specializing in the delivery of advanced cybersecurity services to government and commercial customers. IT Phenoms has been providing support for enterprise-class information systems and security components of Fed/Local Government, DoD, and Private Sector for over a decade.
Summary of Professional Services
Developing turn-key FISMA, NIST, and OMB compliant C&A (Certification and Accreditation) processing for federal entities to include full C&A packaging, ST&E, Privacy Impact Analysis, Security Self Assessments, and POA&M reporting to OMB
Quick response and expedited C&A package development to meet short delivery dates and/or impending ATO expiration
Conducting risk mitigation strategies and security implementations for complex and distributed WANs, major applications, and general support systems
Oversight for establishment, implementation, and adherence to IT security policies and procedures
Auditing, remediating, and reporting of regulatory compliance
Developing and implementing IT security policies and procedures
Vulnerability assessment and remediation
Penetration testing (ethical hacking)
Providing systems security architecture and engineering
Implementing and managing operational security tools supporting intrusion detection, centralized logging and event correlation, patch management, and other operational security processes
Developing security-related documentation such as ATO, SSPs, CPs, CMPs, MOU/As, ISAs, POA&Ms, CRs, SOPs
IA Governance & Compliance
Information Assurance and Assessment & Authorization Masters and Subject Matter Experts
Organization- and System-Level Program Analysis, Development, Support, and Reengineering
General Support System/System of System, and Major / Minor Application customers
OIG FISMA/FSA audit Support
End-to-end FISMA / FISCAM / A-123 lifecycle support
Short and long-range security planning
Cybersecurity
Continuous Monitoring
Security Control Assessments
POA&M Management
Host and Application Vulnerability Assessment
Baseline Compliance
Penetration Testing
Incident Response
OMB & CyberScope Reporting
Security Awareness Training
Contingency Plan Development, Testing, and Training
ISSO / ISSM Support
Security Control Assessment
POA&M Management
Host and Application Vulnerability Assessment
Baseline Compliance
Penetration Testing
Incident Response
OMB & CyberScope Reporting
Security Awareness Training
Contingency Plan Development, Testing, and Training