CyberSecurity and Information Assurance
AMC utilizes a comprehensive system of management controls and standards that monitor and sustain critical data throughout its lifecycle. Our CyberSecurity experts bring significant experience managing multiple information systems concurrently throughout their lifecycles to ensure that they meet organizational confidentiality, availability, and integrity standards. AMC has significant experience applying Commercial standards and Federal statutes and regulations to data security requirements. We have strong knowledge of DoD network and security standards, including National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171, NIST Risk Management Framework (RMF) and Federal Risk and Authorization Management Program (FedRAMP). We have conducted routine and ad-hoc technical reviews to assess and verify that software releases are in conformance with business needs and constraints, DoD and Federal regulations, and system architecture guidelines. We have performed DIACAP, NIST RMF, and FedRAMP vulnerability assessments and obtained Authority to Operate (ATO) multiple times. Our experts implement “up-front and early on” incorporation of CyberSecurity governance controls to successfully obtain the necessary security approvals for systems under development. We manage security requirements while maintaining a balance among several factors that include: urgencies and timelines of the upcoming program milestones, the importance and sensitivity of the information and information assets, threats and vulnerabilities, trustworthiness of users and interconnecting systems, and cost effectiveness. Our holistic approach is detailed below.