FISMA Compliance

TWM Associates, Inc. (TWM) has been one of the leaders in the evolution of IA within the Federal Government. Our participation in the Federal Security Community began in 1991 supporting various weapons programs within the Navy, evolved into security support for the Department of Defense (DoD), and then evolved into security support for Federal Agencies.

TWM’s support for the Federal Information Security Management Act (FISMA) compliance began with the prior law under the Government Information Security Reform Act (GISRA). TWM was one of the first to develop a security controls database for use in the evaluation of the security controls of a large enterprise for the first year of GISRA compliance, in support of a Federal Agency Offices of the Inspector General (OIG). This has since evolved into our more recent Security Assessment Working (SAW) tool that is utilized in helping an agency ensure they are functioning and effective in their controls testing for FISMA compliance, based on the NIST 800-53a test controls integrating continuous monitoring within a Risk Management Framework utilizing automated tools. Further, TWM was one of the first to integrate the security controls compliance activities across the myriad of laws, regulations, and compliance requirements to assist entities to meet their compliance goals and improved security postures in a single effort vs. a plethora of individual efforts which resulted in non-cohesive approaches and unnecessary expense to the agencies. This extensive experience and commitment to excellence is reflected in our achieving ISO 9001and 27001 accreditation.
 

top