TWM Associates, Inc. (TWM) has been supporting Federal Offices of Inspector General (OIG) since 1996.
TWM has supported OIG efforts in accordance with OMB Circular A-130; Government Accountability Office’s (GAO’s) Federal Information System Controls Audit Manual (FISCAM); current National Institute of Standards and Technology (NIST) guidance, including Special Publication (SP) 800-53A, Guide for Assessing the Security Controls in Federal Information Systems; and the GAO Yellow Book.
TWM has assisted OIG offices in ascertaining, verifying, and validating information system security, as it relates to the development of assessment and authorization documentation. TWM has objectively designed security improvement through recommendations, testing, and analyzing security weaknesses. Additionally, TWM has evaluated networks, firewalls, routers, server operating system configurations, web applications, database, and storage area networks. These reviews and audits have been performed as parts of Federal Information Security Modernization Act (FISMA) audits, data center reviews, general control reviews, application control reviews, performance reviews, etc.
TWM works within our customer’s framework for risk acceptance in the construct of the workplans and objectives for each of the activities undertaken to address the objectives at hand and provide security recommendations that are effective for the environments at hand.