 |
Department of Treasury
|
Security Program Support for General Support Systems (GSS) and Major Applications (MA)
BSC Systems provided IT Security engineering support to the OCC under multiple task orders since 2001. Risk Assessments have been completed for three General Support Systems (GSS) and eight of the OCC's Major Applications (MA). Accomplishments included:
- Developed project plans for conducting security assessments
- Acquired and evaluated applicable security control information
- Characterized the systems in terms of scope, assets, information, and criticality
- Developed baseline security requirements
- Performed Vulnerability (Penetration) Testing
- Conducted Vulnerability identification and control analysis
- Identified threat sources
- Determined likelihood, impact, and risk
- Performed program cost benefit analysis
- Prepared safeguard recommendation report
- Developed safeguard implementation plan
- Performed NIST SP 800-30, OMB A-130, and FISMA compliant risk assessments
- Documented findings and recommendations
Operation of Computer Incident Response Center (CIRC)
- Event Reporting
- Identification and Categorization
- Containment and Eradication
- Recovery and Follow-up