Information Assurance

Assurance is defined as the degree of confidence that security needs are satisfied [NIST94a]. It is a very important product of security engineering. We believe there are many forms of assurance. The SSE-CMM contributes to one aspect, the confidence in the repeatability of the results from the security engineering process. The basis for this confidence is that a mature organization is more likely to repeat results than an immature organization. The detailed relationship between different forms of assurance is the subject of ongoing research. Assurance provides the confidence that the controls that have been implemented will reduce the anticipated risk.

Our information assurance staff is a rapidly growing team of professionals that supports the firm's shared goal of making LCCCS indispensable to clients we serve. Our information assurance staff provides our clients innovative Information Systems Security (INFOSEC) solutions and best value services including the following:

• System Security Plan Development and Evolution
• Risk Assessments
• Contingency Planning
• Incident Response Planning
• Certifications and Accreditations (C&A)
• Security Policy Development
• Vulnerability Assessments
• Forensics Analysis