Pension Benefit Guaranty Corporation
As a Federal Government agency, PBGC is required to meet the control standards laid out in FISMA and further defined by NIST, including the Risk Management Framework (RMF). PBGC began work with TalaTek in 2008 with an initial goal of implementing continuous monitoring in compliance with the RMF as outlined in NIST SP 800-137.
From there, the teams worked together to build an integrated risk management program aiming to improve and mature PBGC’s processes. In support of this program, TalaTek provides integrated risk management services that include continuous monitoring, development and documentation of security policies and procedures, and business impact analysis of risks in the environment, with emphasis on trend analysis and risk metrics using qualitative and quantitative measures.
With the vision of merging IT and business processes to best support the agency’s mission, PBGC’s program quantifies and visualizes risk, ensuring the team can prioritize investments and focus agency resources to improve their risk posture. A key to the program’s success has been leveraging process and technology to transform paper-based compliance exercises into an automated risk-based approach to implementing the NIST Risk Management Framework.
Contracting Officer Representative (COR)
Pension Benefit Guaranty Corporation
CPARS Review, July 2016