CMS OFM SCA

The Department of Health and Human Services (HHS), Centers for Medicare and Medicaid Services (CMS) selected Halfaker as prime contractor on a cyber security contract supporting the planning, development and implementation of a comprehensive program to perform Security Controls Assessments (SCAs) for the CMS Office of Financial Management (OFM).

Halfaker performs SCAs of varying scope and complexity for CMS OFM including, Annual Federal Information Security Management Act (FISMA) SCAs, Comprehensive SCAs, and Penetration Testing across 20+ FISMA systems with new systems coming online each year against over 500 controls enumerated in NIST SP 800-53.

Additionally, Halfaker supports CMS by planning, developing, and implementing SCA testing and analyses, including external and internal penetration tests and vulnerability assessment, as wells as ensures application and database security compliance. By providing comprehensive SCAs to CMS OFM, Halfaker continually improves the information security of critical CMS enterprise systems.

Contract Number: 
HHSM-500-2016-00015G
Contract Type: 
IDIQ Vehicles