Managed Compliance Service

The Managed Compliance Service (MCS) provides a thorough review of management, operational, and technical security controls implemented by the organization against regulatory requirements such as the NIST Special Publication 800-171 Revision 1, the Federal standard for Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations. MCGlobalTech engineers perform a comprehensive compliance audit of your operations, IT infrastructure and related networks - This includes cloud services, WAN/LAN, on premise information systems and physical environment.

The MCS identifies previously unknown vulnerabilities and identify ways to remediate/mitigate those vulnerabilities. The audit report will include a summary of findings, a prioritized ranking of vulnerabilities, and suggested remediation/mitigation steps.

The audit findings are documented in a Plan of Action & Milestones (POA&M) that will provide a customized remediation plan and timeline for each non-compliant control. Implementation of POA&M remediation activities is then tracked, validated and documented with quarterly assessments thus improving compliance posture and mature security program. These assessments review the status of all outstanding POA&Ms and required on-going monitoring and security activities. The security plans are also reviewed and updated accordingly during the quarterly assessments as required to demonstrate progress towards full compliance.

Fast Track to NIST 800-171 Compliance

The DOD required that contractors complete a NIST 800-171 audit and document their System Security Plans (SSP) and Plan of Action and Milestones (POAM) by December 31, 2017. At this point, companies that have completed their compliance audits and created their SSP and POAMs are considered in compliant as long as they can demonstrate that they are moving toward full compliance by implementing the POAMs and improving their security posture. The MCS implements an efficient process to get you to this compliance state as quickly as possible.

Related Security Services to Support Compliance

The foundation of any security program is the Information Security Policy Framework which documents the business security goals and directives of management. These policies must also reflect applicable industry and government regulatory requirements. The MCGlobalTech Compliance Team can provide a comprehensive set of Enterprise Information Security Policies addressing the policy requirements of the 14 control families of the NIST 800-171. These policies can be customized to fit the organization’s business and IT operational environments.

MCS customers have access to discounted Security Consulting Services for required on-going security activities including security architecture and engineering, security controls assessments, vulnerability and risk assessments, role-based security training and network penetration tests. These activities are scheduled as appropriate quarterly intervals.

All Managed Services

Managed Security Compliance

Our Managed Security Compliance Program (MSCP) provides full life-cycle…

Managed Compliance Service

The Managed Compliance Service (MCS) provides a thorough review of …

CyberRx Risk Intelligence

CEOs, CFOs, and other C-level executives in the critical industries sectors …

How safe is your data?

Get in touch to talk about improving your cyber security now