Information Security and Compliance Solutions

We specialize in providing expert consulting services to help agencies design and deliver secure information technology solutions in compliance with the stringent Federal Information Security Management Act (FISMA) and the DoD Information Assurance Certification and Accreditation Process (DIACAP).

New Systems and Technologies

We can develop a DIACAP-compliant security strategy and produce the required DIACAP documentation and artifacts that demonstrate a Program Office’s IA (Information Assurance) due diligence. In addition, we will provide IA compliance testing and verification, secure application development requirements and metrics, and system and network security engineering support. Some of the DIACAP focus areas supported include:

• Initiation and Planning
• Designing a Tailored DIACAP Approach
• System Identification Profile (SIP)
• DIACAP Implementation Plan (DIP)
• Implementation and Validation of Assigned IA Controls
• DIACAP Scorecard
• DIACAP Artifacts as Required
• Plan of Actions and Milestones (POA&M)
• Performing Annual Compliance Maintenance and Reviews
• Configuration Control and Management
• Risk Management

Transition to DIACAP

While the DITSCAP (DoD Information Technology Security Certification and Accreditation Process) is being phased out, some Program Management Offices still accept this format. Our consultants can provide you with expert DITSCAP services for any need. We can also assist legacy DITSCAP-certified systems in their transition to the DIACAP standard, which will provide continuity in the areas of compliance and secure operation. The DIACAP is designed to reflect the connected (net-centric) state of today’s systems and software applications—enabling those items to seamlessly integrate in the Global Information Grid (GIG) without posing new threats and vulnerabilities to other functions within the GIG. The DIACAP is the standard DoD process for identifying, implementing and validating Information Assurance (IA) controls for all DoD Information Systems, throughout the Product Development Life Cycle from concept through decommissioning phases.Our consultants work for you to ensure your organization receives the necessary certificate of accreditation needed to connect and operate with other DoD systems or to obtain the necessary accreditation to get your product on the commercial off-the-shelf (COTS) listing so your organization can sale products to the Department of Defense. To learn more about our Service offerings, please call us at 405-285-5349.

Information Management Systems Development Services

Whether it is configuring and/or updating existing systems, or designing, building and deploying an entirely new application, GBK software engineers consistently exceed our client's expectations. GBK is a Microsoft™ Development Partner and has designed, developed and deployed both server and web-based applications to achieve organizational goals. These applications included: SCORM 1.2/2004 and AICC-compliant learning management systems;

Air emission inventory management applications; web-based, enterprise hazardous waste tracking and record-keeping system, as well as the design of function-specific work-flow applications.