Policy Design

TWM Associates, Inc. (TWM) works with our customers to develop Information Technology (IT) Governance policies meeting the specific needs of their environments.

During the last 30+ years, TWM prepared white papers becoming the basis for the Defense Information Technology Certification and Accreditation Process (DITSCAP). TWM worked with National Institutes of Standards and Technology (NIST) to tailor the DITSCAP into a Federal Policy that became the National Information Assurance Certification and Accreditation Process (NIACAP).

TWM also developed the first Security Technology Information Guides (STIGs) utilized by Defense Information Systems Agency (DISA), and TWM helped develop NIST guidelines that apply to all Federal agencies. TWM has developed policies for Firewalls to ensure certification; developed the connection approval process for maintaining certification for large communication infrastructures; and wrote many other application security policies such as mobile code requirements, development standards, and naming conventions for Java.

TWM´s approach to policy design is based on the standard components that are part of the policy design, which includes: problem identification, policy formulation, agenda setting, decision-making, and policy implementation.