cybersecurity related images

Information System Security Officer (ISSO) Service

Enhance your organization's security posture with our professional ISSO team

For systems hosted in Enterprise Services Center's (ESC) federal Tier 3+ data center, ESC offers an extensive range of services to include dedicated Information System Security Officer (ISSO) services specifically matched to the needs and complexity of the agency system(s). This service includes year-round support in tracking, reporting, and coordination of mitigation strategies on Plan of Action and Milestones (POA&M), monthly security status meetings, development of Security Impact Analysis (SIAs) for planned changes/deployments to ensure any proposed changes/deployments are thoroughly evaluated for potential security risks, maintenance of Federal Information Security Modernization Act (FISMA) inventory records (as applicable) to ensure accurate tracking of all systems/components that support the agency-level risk management initiatives.

With a dedicated ISSO team, the security of the agency system(s) is continually in the hands of experts who are knowledgeable on the latest security threats and best practices. In addition to ISSOs being assigned to their system, the System Owner also benefits from those ISSO belonging to a much larger team of highly trained, skilled, and credentialed cybersecurity professionals of different backgrounds and expertise. This allows the dedicated ISSO team to consult the larger ESC ISSO team on more complex questions/situations and provide recommendations to the agency.

The ESC ISSO team consists of experts with experience in drafting cybersecurity procedures/standards, responding to real-world cybersecurity incidents, authoring/developing privacy documentation, negotiating inter-agency Interconnection Security Agreements (ISAs), technical implementation of security measures, and more. Having a dedicated ISSO team at your disposal ensures you benefit from their shared knowledge regarding best practices and development of new security solutions/improvements as they are discovered across the ESC customer base.

Eligibility

Federal civilian agencies are eligible to use these cybersecurity services from the DOT Enterprise Services Center (ESC). Department of Defense (DOD) organizations may be eligible for ESC cybersecurity services if their systems are unclassified.

Interested in this Fed-to-Fed service? Get a quote!

To get started, reach out to the ESC team. We will send you a simple questionnaire to fill out. Return the completed questionnaire to us and we will promptly develop a firm fixed-price quote, to include proposed schedules. If you just need a rough order of magnitude (ROM) estimate for budget planning purposes, just let us know.

Contact ESC at CyberServices@esc.gov to get more information and assistance.