Integrity. Quality. Security.

Leigh has quickly become a go-to team member on a very complex FISMA compliance task at the IRS. He is 100% reliable, delivers A+ work every time, and is an absolute pleasure to work with. He has a wide breadth of knowledge and experience across the IA disciplines, which means I can throw any task at him and he will succeed with ease!

Marcie Nagel, Director Cyber Security
VARiQ Corporation

Leigh Riese consistently delivers the highest quality Information Assurance Services that meet or exceed both performance requirements and customer expectations during his time with the National Institute of Standards and Technology.  He is not only a consummate professional but a pleasure to work with.

Greg Fitzgerald, Vice President
Information Technology Coalition, Inc.

Leigh is an exceptional individual who any team would want as their first round selection; he is a detailed oriented security consultant with excellent communication skills. Leigh demonstrated superb subject matter knowledge and deep technical understanding. His exceptional interpersonal skills made working with him a pleasant experience. I look forward to the opportunity to work with Leigh again.

Mai Nguyen
I.T. Security Consultant

With our experts crafting custom system security plans, Information Technology Auditing & Professional Services (ITAaPS) offers your organization with expert IT security risk assessments in accordance with the National Institute of Standards and Technology‘s (NIST) Risk Management Framework (RMF).

Contact us to learn how your organization can lean on our quality work to meet your risk assessment needs. You can breath a sigh of relief knowing we’re doing the work so you can focus on your core competencies.

It doesn’t matter whether your organization has federally-owned or commercial systems requiring compliance with FISMA. We have the integrity and expertise to provide knowledge, skills, and tools to ensure your organization succeeds.

Through our program management, processes and experience, we offer the following services and can supplement your current IT assessment and/or audit program:

  • Pre-Assessment documentation preparation
  • Internal audit
  • Independent external assessment
  • Continuous monitoring
  • Process improvement

Preparation

Scope
Requirements
Artifact compilations

Execution

Conduct staff interviews
Documentation examinations
Security controls testing

Reporting

Issue resolutions
Plan of action and milestones
Assessment reports