Contract number: GS00T04SJA0005 / GS-35F-4315D
Fee: .75% (GSA)
Contract summary: Telos Corporation is a select provider of Xacta IT security consulting services to USDA. Xacta, Telos’ subsidiary for secure enterprise solutions, has extensive experience helping government and defense agencies secure and optimize their IT systems, offering services on a firm-fixed-price and time-and-materials basis.
Telos’ blanket purchase agreement (BPA) with USDA covers:
Comprehensive C&A Services
The Xacta methodology for certification and accreditation has been developed through real-world application in hundreds of federal and defense agencies. Our process aligns with the USDA C&A process to ensure compliance with the department’s requirements.
Phase 1: Pre-certification
Xacta will identify the system and its environment; plan the C&A approach, resources, and schedule; and determine its security requirements and controls. Xacta uses its proven C&A process to collect all pertinent data to prepare the initial Security Plan and Risk Assessment for a system or network, which includes accreditation planning information, a system description including its security categorization, and a Security Requirements Traceability Matrix (SRTM) with the USDA’s security requirements applicable to the information system.
Phase 2: Certification and Accreditation
Xacta will document compliance of the system with the security requirements agreed to in the SRTM, evaluate system vulnerabilities, and assess risk. The Xacta Team will develop a test plan and procedures to verify requirement compliance, execute the tests in accordance with the plan, document the results in an ST&E Report, recommend countermeasures as appropriate, and update the risk assessment.
Phase 3: Post-Accreditation
Xacta does not treat a C&A as a “point in time” event, but as part of a continuous process. The Xacta C&A methodology assures that the system continues to operate at an acceptable level of risk; this effort includes ongoing maintenance of the C&A documents, system operations, security operations, configuration management, and compliance validation.
Security Plans
Our analysts will review or prepare plans using the USDA templates for general support systems, major applications, and overall program security plans as well as NIST 800-18 guidance. The final security plan will be a living document that can be updated as the system or its environment changes.
Risk Assessments
Our analysts will provide risk assessments of your systems to ensure compliance with the USDA Risk Assessment Methodology. Our assessments indicate compliance with applicable regulatory and statutory requirements; conformance with format and content requirements; evaluation of potential risks, threats, and vulnerabilities; and whether countermeasures have been recommended and documented.
Trusted Facility Manuals and Security Features Users Guides
Our analysts will use the USDA guidelines to prepare or review Trusted Facility Manuals (TFMs) and Security Features Users Guides (SFUGs) for USDA systems, ensuring that the TFMs and SFUGs adhere to the USDA format and content as well as the guidance provided from the National Computer Security Center for those documents.
Contingency Plans
Xacta will construct contingency plans for emergency response, disaster recovery, and business resumption in accordance with USDA and NIST guidance. When reviewing contingency plans, we will ensure that they follow the content and format required by USDA and NIST guidance (NIST 800-34, Contingency Planning Guide for Information Technology Systems).
Government POC:
Howard B. Parker Jr.
GSA, FTS, CISS (TFI)
301 7th Street NW
Washington, DC 20407
202/401-7139
Telos POCs:
Sales:
Jennifer Knickelbein | 703-724-4597 | jennifer.knickelbein@telos.com
Carter Vaughan | 703-724-3657 | carter.vaughan@telos.com
Contracts:
Rachel Shalda | 703-724-4547 | rachel.shalda@telos.com
Polly Downey | 703-724-3670 | polly.downey@telos.com