Home Company Services Support Career Partners Government Contact Us Training Center
Arrow Cyber Capabilities



Enterprise Application Security Assessment Services (AQ)

IceTech provides an on-site review of your institution's applications and database security, identifying the business process, policy, and system environment risks and outlining detailed recommendations for remediation.

Analyzes network and system vulnerabilities and provides actionable steps for rectifying them. Also combines thorough interviews, advanced scanning technologies, and documentation review to identify and resolve areas of exposure within the IT environment.

  • Policy planning and development
  • Vulnerability Assessment
  • Disaster Recovery Planning
  • Security Program Planning and Penetration Testing
  • Certification and Accreditation
  • Inside Threat Protection

In today's connected world, fast and efficient access to critical information is a vital part of business operations. To IT administrators, the challenge is to secure that information with a minimum of disruption to the end user. Threat Protection
Customers vulnerabilities to threats are identified, analyzed, and neutralized

IceTech knows and meets those challenges every day. We collectively bring a century of real-world experience to securing enterprises and their critical assets.

Our Information Security Services offer
Our solutions that will address your unique need. Whether it is applying industry best practices or meeting regulatory requirements, Icetech is here to help. The following provides a high-level list of Information Security Services that Icetech offers today.

  • Policy planning and development
  • Risk Assessment
  • Disaster Recovery Planning
  • Security Program Planning
  • Penetration Testing
  • Security Policy Design and Review
  • Network Security Architecture Design
  • Security Implementation
  • Vulnerability Assessment & Troubleshooting
  • Security Audit
  • Managed Security Services
  • Intrusion Monitoring and Response
  • Firewall and VPN Management
  • Site and Content Filtering

IceTech analyzes network and system vulnerabilities and provides actionable steps for rectifying them. Our consultants also combine thorough interviews, advanced scanning technologies, and documentation review to identify and resolve areas of exposure within the IT environment.
Compliance Gap Assessments
Ensure your organization is compliant to your industry regulations

  • Federal Information Security Management Act of 2002 (FISMA)
  • National Information Assurance Certification and Accreditation Process (NIACAP)
  • Office Of Management Budget Circular 130 A
  • NIST Security Publications
  • Sarbanes-Oxley Act (SOX)

Certification and Accreditation
IceTech C&A team is expert in assisting customers meet regulatory and compliance requirements by conducting Certification and Accreditation (C&A) of general support systems and major applications. Icetech provides an independent assessment of the System Security Plan (SSP) and its implementation to help ensure that security controls for the information system are adequate to meet all applicable security requirements.
Why Icetech?

  • Experienced provider of C&A services to Federal Agencies
  • Leverages best practices from across the U.S. Federal Government and private sector
  • Value-oriented, professional project management
  • Efficient, repeatable processes
  • Consultants experienced in C&A
  • Consultants with active federal security clearances

Certification and Accreditation (C&A) Documentation
IceTech will prepare and deliver a C&A package that typically will consist of the following documents and plans. Additional documents and reports can be set up, to meet agency specific requirements:

  • Certification and Accreditation Plan
  • System Security Plan
  • Risk Assessment
  • Security Test and Evaluation Plan and Report
  • IT Contingency Plan
  • Configuration Management Plan
  • Certification Letter and Accreditation Letter

Certification and Accreditation (C&A) Methodology
IceTech C&A methodology is based on National Institute of Standards and Technology (NIST) Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, and is easily adapted to meet agencies' own internal C&A process. IceTech methodology incorporates activities, general tasks, and a defined management structure to help agencies obtain and maintain enterprise-based C&A for their information system infrastructure and applications. The methodology is sufficiently flexible to evaluate systems in various lifecycle stages, systems under evolutionary development, and single-purpose or legacy systems, for as long as they exist. Standardized assessment methods and procedures promote more consistent, comparable, and repeatable security assessments of federal information systems.