BQMI Cybersecurity experts support the GRC Risk Management and Security Office in the areas of Federal Information Security Management Act (FISMA) compliant security planning, incident response, operation and maintenance of the NASA network security environment, information protection, standards and cybersecurity training. We work with GRC to implement all NASA cybersecurity policies required to meet system security plan in support of Data Center management.
Our cybersecurity experts comply with all NASA cybersecurity policies (NPR 2810.1, FIPS PUB199, Standards for Security Categorization of Federal Information and Information Systems) and adhere to IT security directives and requirements. BQMI produces and maintains FISMA and other security process documentation including Systems Security Plans, Contingency Plans, Secure Configuration Management Plans, Center for Internet Security (CIS) Benchmarks, and Minimum Risk Assessments (MRA) and Plan of Action & Milestones (POA&M). BQMI supports both scheduled Agency and Center security system and application scanning. We perform vulnerability mitigations, as well as periodic security assessments/audits. We also support NASA access control and e-Authentication requirements.