SEC hires SRA for info assurance

SRA International has won a task order to provide information assurance service to the Securities and Exchange Commission's information technology security program.

The task order was awarded under the Chief Information Officer Solutions and Partners 2 Innovations program. The order has an estimated value of $12.7 million. The contracting authority making the award was the General Services Administration's Federal Technology Service Center for Information Security Services.

SRA will work with the SEC's Office of Information Technology to develop a cost-effective IT security program, according to company officials. Under the task order, SRA will develop an IT security architecture, provide a training and awareness program to promote compliance with that architecture, and develop a compliance monitoring and enforcement program.

Services covered under the contract include security architecture, audit, technical consulting, security policy review, compliance and oversight, awareness and training, and systems security and risk assessment. The SRA contract team includes System 1.

The task order follows a March report from the Government Accountability Office that found fault with the SEC's security regimen. "SEC has not effectively implemented information systems controls to protect the integrity, confidentiality and availability of its financial and sensitive data," the report states. The commission "has not fully developed and implemented a comprehensive agency information security program," according to the report.

In addition, GAO found that SEC established information security awareness programs for employees and contractors, but did not ensure that all personnel assigned to specialized IT positions completed security awareness training.

Moore is a freelance writer based in Syracuse, N.Y.

Featured

  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected