We were asked to create a risk management and accreditation documents for a large national security IT infrastructure. The system enables the sharing of large volumes of timely data and risk assessments between several Government agencies.
We conducted detailed threat and risk assessments. Thereafter, we developed a risk treatment plan to mitigate the risks identified and mapped this to the system’s countermeasures. Our work convinced reluctant agencies to avail data for exchange.
The documents unified the procedures, processes, instructions and plans for maintaining security. The new system enables several government agencies to exchange vast amounts of sensitive, personal and national security data that improves service delivery.