Information Security Program Management
- Development, implementation, administration, and maintenance of Information Security governance (policies, processes, and procedures) and compliance documentation.
- Establishment and maintenance of organized, current, and accessible information security data repositories to include but not limited to:
- Organizational information security policy & procedures documents
- Regulatory compliance documents
- FISMA/FedRAMP Assessment and Authorization packages
- System Security plans
- Security & Privacy assessments
- IT Business Continuity & Disaster recovery plans
- Incident Response plans, Awareness & Training
- Access and Authorization forms
- Change management documentation
- Risk evaluation and mitigation documentation