C.E. Gregory & Associates, Inc.

Information Systems Consultants
Specializing in IT Security, Certification and Accreditation, and IT Privacy Protection

Professional IT Services Offered

• Management, operational, and technical reviews of IT systems implementation
• Certification and Accreditation for Federal military and civilian agencies using with DISA STIGs, DIACAP, DITSCAP, DCID 6/3, FISMA, NIST, OMA, FIPS, HIPAA, and HITECH guidelines
• IT security and privacy consulting on mainframe systems
• Certification & Accreditation (C&A) for FISMA Documentation Creation and Review for …

• System Security Plan (SSP)
• Privacy Threshold Analysis (PTA)
• Contingency Plan (CP),
• Contingency Plan Test (CPT)
• Statement of Records Notice (SORN)
• Security Risk Assessment (SRA)
• Plan of Action and Milestones (POA&M)
• Interface Communication Document (ICD)
• Interconnection Security Agreement (ISA)
• DIACAP Implementation Plan (DIP)
• System Identification Profile (SIP) – DoDI 8510.01
• DIACAP Scorecard
• Memorandum of Understanding (MOU)
• Certification & Accreditation  Boundary Scope Memo,
• Disaster Recovery Plan (DRP)

• Security, Test and Evaluation (ST&E) technical project support

• Build Test Cases
• Create Test Plan
• Provide previous C&A Documentation analysis
• Create POA&M items for all identified control deficiencies

• IT Security product implementation and mentoring assistance in RACF
• IT Security product technical training in all aspects of CA ACF2
• RACF and ACF2 implementation assessments (sample redacted evaluation available)
• z/VM and Z/OS technical consulting at the system programming level
• Security system conversions; ACF2 to RACF, RACF to ACF2, TSS to RACF,  mainframe to other platform
• IT privacy consulting; ensuring HIPAA compliance protecting PII and PHI
• IT security systems implementation; new systems installs

Contact Us