Pension Benefit Guarantee Corporation

The Pension Benefit Guaranty Corporation (PBGC) protects the retirement incomes of nearly 40 million American workers in nearly 24,000 private-sector defined benefit pension plans. PBGC was created by the Employee Retirement Income Security Act of 1974 to encourage the continuation and maintenance of private-sector defined benefit pension plans, provide timely and uninterrupted payment of pension benefits, and keep pension insurance premiums at a minimum.

As a Federal Government agency, PBGC is required to meet the control standards laid out in FISMA and further defined by NIST, including the Risk Management Framework (RMF). PBGC began work with TalaTek in 2008 with an initial goal of implementing continuous monitoring in compliance with the RMF as outlined in NIST SP 800-137.

From there, the teams worked together to build an integrated risk management program aiming to improve and mature PBGC’s processes. In support of this program TalaTek provides integrated risk management services that include continuous monitoring, development and documentation of security policies and procedures and business impact analysis of risks in the environment with emphasis on trend analysis and risk metrics using qualitative and quantitative measures.

With the vision of merging IT and business processes to best support the agency’s mission, PBGC’s program quantifies and visualizes risk, ensuring the team can prioritize investments and focus agency resources to improve their risk posture. A key to the program’s success has been leveraging process and technology to transform paper-based compliance exercises into an automated risk-based approach to implementing the NIST Risk Management Framework.

 

“[TalaTek] has provided consistent quality services and deliverables under this contract. Their commitment to ensuring effective, efficient use of government resources allocated to the contract is commendable. Their proactive management has resulted in enhanced security management and more robust risk management of our systems.”

Contracting Officer Representative (COR)
Pension Benefit Guarantee Corporation
CPARS Review, July 2016