Information Technology Services

Information Technology Security Services

ARC IT Security Services: Information Security Solutions That Work!

The ARC Security Services, and Information System Security Line of Business (ISSLOB) Shared Services Center (SSC), provides agencies with proven Security Assessment and Authorization (SA&A) services. Other services provided include continuous monitoring, vulnerability testing and assessment and security program review and consulting.

As an established leader, ARC's IT Security Services staff delivers security support to other federal agencies, while improving quality, accelerating delivery, and reducing costs.

Our proven reliable security services are executed by a highly skilled and respected staff working in conjunction with support staff and industry leading private-sector companies.

Our SA&A process includes:

  • Security Assessment
  • Rules of Engagement
  • Issue Resolution (IR) Documentation
  • Security Assessment Reports (SARs)

To prepare your agency for SA&A activities, we'll work with you to develop or update:

  • FIPS 199 Security Categorization
  • Privacy Impact Assessment (PIA)
  • E-Authentication Risk Assessment

Vulnerability Testing and Assessment

ARC security analysis utilizes advanced methods for vulnerability detection. An objective assessment is provided for each vulnerability and associated risk based on existing controls, probability of occurrence, and impact to the confidentiality, integrity, and availability of the system. The assessment includes the following security testing options:

  • Application
  • Database
  • Web Application
  • Network
  • Server
  • Workstation

Security Review and Consulting

Call on ARC IT Professionals for in-depth security assessments and consulting services, including the following:

  • Initial review and assessment of your security program to determine SA&A effort
  • Performance of all security-related tasks and activities to assess the current state of information systems according to federal regulations, laws and NIST standards including the review of security policies, processes, procedures, documentation, previous audits, and interviews of personnel involved in the management and operation of the information system. A full assessment report is prepared at the conclusion of the security review
  • Development of security documentation (e.g., security plan, business impact assessment)
  • Continuous monitoring activities such as development of a continuous monitoring plan, review and update of security documentation, security controls testing, etc.

Service Availability

Hours of availability for security analysts are negotiated on a per-client basis.

Contact Us Now!

New Services
ARC Communications Mailbox

Assistance for Current Customers