Professional IT Services Offered 

  • Management, operational, and technical reviews of IT systems implementation
  • Certification and Accreditation for Federal military and  civilian agencies using with  DISA STIGs, DIACAP, DITSCAP, DCID 6/3, FISMA, NIST, OMA, FIPS, HIPAA, and HITECH guidelines
  • IT security and privacy consulting on mainframe systems
  • Certification & Accreditation (C&A)  for FISMA Documentation Creation and Review for ...
    • System Security Plan (SSP)
    • Privacy Impact Assessment (PIA)
    • Privacy Threshold Analysis (PTA)
    • Contingency Plan (CP),
    • Contingency Plan Test (CPT)
    • Statement of Records Notice (SORN)
    • Security Risk Assessment (SRA)
    • Plan of Action and Milestones (POA&M)
    • Interface Communication Document (ICD)
    • Interconnection Security Agreement (ISA)
    • DIACAP Implementation Plan (DIP)
    • System Identification Profile (SIP) - DoDI 8510.01
    • DIACAP Scorecard
    • Memorandum of Understanding (MOU)
    • Certification & Accreditation  Boundary Scope Memo,
    • Disaster Recovery Plan (DRP)
  • Security, Test and Evaluation (ST&E) technical project support
    • Build Test Cases
    • Create Test Plan
    • Provide previous C&A Documentation analysis
    • Create POA&M items for all identified control deficiencies
  • IT Security product implementation and mentoring assistance in RACF
  • IT Security product technical training in all aspects of CA ACF2
  • RACF and ACF2 implementation assessments (sample redacted evaluation available)
  • z/VM and Z/OS technical consulting at the system programming level
  • Security system conversions; ACF2 to RACF, RACF to ACF2, TSS to RACF,  mainframe to other platform
  • IT privacy consulting; ensuring HIPAA compliance protecting PII and PHI
  • IT security systems implementation; new systems installs


© 2021 C.E. Gregory & Associates, Inc.
Site design by Total Concept