Policy Design

TWM Associates, Inc. (TWM) works with our customers to develop Information Technology (IT) Governance policies that meet the specific needs of their environments.

During the last 25+ years, TWM has written white papers which became the basis for the Defense Information Technology Certification and Accreditation Process (DITSCAP). TWM worked with National Institutes of Standards and Technology (NIST) to tailor the DITSCAP into a Federal Policy that became the National Information Assurance Certification and Accreditation Process (NIACAP). TWM also developed the first Security Technology Information Guides (STIGs) utilized by Defense Information Systems Agency (DISA), and TWM helped develop NIST guidelines that apply to all Federal agencies. TWM has developed policies for Firewalls to ensure certification; developed the connection approval process for maintaining certification for large communication infrastructures; and wrote many other application security policies such as mobile code requirements, development standards, and naming conventions for Java.
TWM´s approach to policy design is based on the standard components that are part of the policy design, which includes: problem identification, policy formulation, agenda setting, decision-making, and policy implementation. TWM understands that in addition to ensuring our Customers adhere to organizational rules, regulations, and external regulations, TWM must helps our customers implement policies to help maintain consistency among all members of the organization.