Teichos Consulting provides security assessment services to assess the security posture of your organization by assessing the adequacy of policies and procedures as well as operational and technical security controls. Our vulnerability management team will provide technical vulnerability assessments, tailored to your organization's specific operating environment.

HIPAA-HITECH

HIPAA and HITECH require the performance of periodic technical and non-technical evaluations on the implementation of security safeguards.  These assessments must be performed as part of the initial implementation, and in response to environmental or operational changes affecting the security of electronic PHI (ePHI).  The pupose of such assessments is to determine the extent to which security controls are implemented and operating as intended.

Teichos Consulting implements the risk management and assessment methodologies developed by the National Institute of Standards and Technology (NIST) in response to the Federal Information Security and Management Act (FISMA) of 2002.  We have taken this approach due its defensibility because of the maturity of the process and its governmental acceptance as a comprehensive, well-designed, and tailorable approach.  Teichos Consulting has mapped appropriate controls from the guideline presented in NIST Special Publication 800-53 Revision 4, to meet specific HIPAA-HITECH requirements.  Assessment reports clearly document this mapping.

FISMA

The Federal Information Security and Management Act (FISMA) of 2002 defined a comprehensive framework aimed at protecting government information and assets against both natural and man-made threats.  It directed the National Institute of Standards and Technology (NIST) to develop security standards and guidelines to implement a risk management framework and security safeguards for federal information systems.  It requires federal agencies to categorize information and information systems to be protected and implement a minimum baseline of security controls.  Additionally, security controls must be documented and regularly assessed to determine their effectiveness.  All information systems must be formally authorized to operate and security controls must be monitored on a continuous basis,

Teichos Consulting provides independent security assessments of information systems as required by FISMA for most information systems.  Our security professionals hold DoD 8570 approved certifications to meet IA Workforce Qualification Requirements for all IAT, IAM, IASAE Levels.  Our seasoned consultants are ready to provide comprehensive security services supporting FISMA requirements, to include full SA&A documentation package.