U.S. Food and Drug Administration
As part of the FDA IA Support Team, STG engineers ensured that FDA eliminated all major FISMA audit findings through aggressive mitigation, continual monitoring and reporting of all system security statuses while reducing minor FISMA audit findings by more than 75 percent.
Each member of the STG FDA IA Support Team received the FDA Commissioner’s Special Recognition Award in June 2004. The award states: “For establishing and overseeing the FDA IT Security Program, successful implementation of an agency-wide IT security training and awareness curriculum.”
Veterans Health Administration
Independent Security Controls Assessments Exceed Customer's Expectations
STG conducted independent Security Controls Assessments (SCA) for the Veterans Health Administration (VHA) Office of Information, Health Information Architecture and Veterans Health Information Systems and Technology Architecture (VistA). At VA medical centers throughout the United States, Puerto Rico and the Philippines, STG’s lead network experts documented all IT security functions and assurance requirements, tested for system and application vulnerabilities, assessed system software configurations and examined security functional requirements. By implementing custom software scripts, they generated reports detailing the condition of each platform, as well as security test outcomes and findings. During the first contract year, STG completed SCAs and C&A on more than 600 VA systems department-wide. The team also trained more than 90 other VA and contractor personnel assigned to this project. Because of STG’s past experience with VHA business expertise, including knowledge of VHA Health Information Systems and knowledge of health information management processes and principles, the team was able to successfully realign resources and reprioritize to the complete satisfaction of VA. A major factor in the success of this endeavor was STG’s capability to quickly form and manage high-performance, multidisciplinary teams. STG completed this task on time and under budget despite the customer’s expectation that it could not be accomplished within the allotted time frame.