Information Security

Subsystems has supported information assurance tasks at the Drug Enforcement Administration (DEA) since 2001. Our scope of work has steadily grown from primarily certification and accreditation (C&A) to physical security, information technology (IT), security and analysis. Our work includes evaluating complex, mission-critical IT systems for vulnerability and risk analysis. Specific tasks include conducting C&A; developing policies and procedures; testing and evaluation; system categorization; internal investigations; and developing disaster and/or emergency recovery procedures.

We have the knowledge and experience in the state-of-the-art methods and procedures to protect information systems and data by ensuring their availability, authentication, confidentiality, and integrity. Specific experience includes:

• Conducting risk analysis, site surveys, integrated products integrity analysis, vulnerability assessments, penetration testing, and certification and accreditation per NIST guidance
• Analyzing physical security
• Developing security policy and procedure documentation and mitigation plans, FISMA compliance, and security computer-based training

For more information, please contact: