Faced with an increasing number of regulations and standards, Agiliance Federal Agency customers rely on us to help meet requirements around securing data and to mitigate threats in their environment resulting in an 'audit-ready' state of risk and compliance.
Customer Success Briefs
|Federal Health Agency|
Federal agency has over 65,000 employees working in 11 operating divisions and over 300 budgeted programs
The agency achieved enterprise-wide situational awareness resulting in transparency of incident risks and ongoing measurement of compliance posture with timely and rigorous mitigation of security and breach incidents. Learn more.
|·||High volume of sensitive personal data, cost, and risk of breach is high|
|·||Large and distributed organization that shares data extensively with the private sector, other agencies, and other governments|
|·||Silo processes and systems to manage incidents, including risk analysis, prioritization, response and resolution|
|·||Single collaborative platform to manage incidents across all operating divisions with normalized process and protocol|
|·||Integrated risk management into incident management protocol|
|·||Workflow driven automation guarantees timely response and resolution to incidents|
One of the world's most efficient government administrators that services private citizens and helps them understand and comply with the law.
The agency gained enterprise-wide technical control of risk monitoring, including NIST compliance automation and CISO Level Risk Situational Awareness. Learn more.
|·||No centralized visibility and enterprise wide measurement of technical control risk metrics|
|·||High volume of dynamically changing threats and increased amount of control exception requests|
|·||Limited ability to prioritize remediation and exception requests based on risk thresholds|
|·||Continuous risk monitoring via automated assessment of technical controls checklist|
|·||Risk assessment reporting based on automated checks, pass/fail details, and material weakness audit findings|
|·||Risk weighted policy and control exception tracking and review|
Agency required to meet FISMA requirements through C & A process using continuous assessments and compliance automation.
The Agency met FISMA C & A - NIST 800-53A, 800-60, FIPS 199, and 800-37 compliance experiencing new efficiencies with configuration and patch scan integration, vulnerability scan integration, and dynamic POA&M. Learn more.
|·||Existing C&A processes separate from Security Operations|
|·||Inefficient manual and consultant driven tools, i.e. spreadsheets, C&A document repositories, and C&A SSP tools|
|·||Needed to create continuous configuration and patch level assessment based on computing asset criticality|
|·||Needed to reduce average C&A cost by 60% on an SSP project scope basis to free up budget for new control and risk initiatives|
|·||Real-time visibility on risk and compliance status against FISMA and IT Security Risk Management requirements|
|·||Risk reduction through integrated compliance automation and continuous configuration, patch and vulnerability assessments|