Security Assurance and Engineering

NIST 800-53 / Risk Management Framework (RMF)

UI’s team is highly experienced in RMF compliance and package completion for all types of systems. We provide services to companies so they may obtain initial ATO as well as continuing support after ATO has been granted. Our services include:

  • Initial System categorization and Risk Assessment Report (RAR)
  • Baseline control selection and policy, procedural and technical implementation
  • Policy Document for all 18 Families
  • Standard Operating Procedure (SOP) for required Roles


Security Control Effectiveness Review and Remediation

  • Manual review utilizing STIG viewer and checklist to evaluate and harden IS components
  • Implementation Plan, System Level Continuous Monitoring (SLCM) Plan, and CCI


Requirement Test results

  • Training material for personnel
  • POA&M
  • Final Risk Assessment Report (RAR)
  • eMASS Upload Support


After ATO is granted:

  • Continuous Monitoring (ConMon) Services after ATO granted
  • Continuous ISSE support


Cross Domain Security Solutions

UI Engineers provide subject matter expertise support to systems that span multiple security domains in support of Multi-Level Security (MLS) systems. We provide engineering expertise in the design of cross domain capabilities and coordinate with stakeholders. 

Physical and Program Security

UI supports our industry customers and partners with full cycle physical and program security compliance under the National Industrial Security Program. We provide subject matter expertise from Facility Clearance (FCL) sponsorship and security program development to security management, administration and continuous monitoring in the Assistant CPSO, Assistant FSO and Information Systems Security Engineer (ISSE) roles.