SEC hires SRA for info assurance

SRA International has won a task order to provide information assurance service to the Securities and Exchange Commission's information technology security program.

The task order was awarded under the Chief Information Officer Solutions and Partners 2 Innovations program. The order has an estimated value of $12.7 million. The contracting authority making the award was the General Services Administration's Federal Technology Service Center for Information Security Services.

SRA will work with the SEC's Office of Information Technology to develop a cost-effective IT security program, according to company officials. Under the task order, SRA will develop an IT security architecture, provide a training and awareness program to promote compliance with that architecture, and develop a compliance monitoring and enforcement program.

Services covered under the contract include security architecture, audit, technical consulting, security policy review, compliance and oversight, awareness and training, and systems security and risk assessment. The SRA contract team includes System 1.

The task order follows a March report from the Government Accountability Office that found fault with the SEC's security regimen. "SEC has not effectively implemented information systems controls to protect the integrity, confidentiality and availability of its financial and sensitive data," the report states. The commission "has not fully developed and implemented a comprehensive agency information security program," according to the report.

In addition, GAO found that SEC established information security awareness programs for employees and contractors, but did not ensure that all personnel assigned to specialized IT positions completed security awareness training.

Moore is a freelance writer based in Syracuse, N.Y.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.