Conquering the Continuous Monitoring Challenge
Govplace
1886 Metro Center Drive Suite 100
Reston, VA 20190
In many organizations, the advent of Continuous Monitoring requirements has severely challenged the security authorization process. This paper discusses the challenges posed by Continuous Monitoring, and the approach Govplace takes with our customers to establish effective risk and compliance management solutions through the implementation of Security Intelligence Solutions.
1 Introduction
With the advent of NIST SP 800-53 Revision 3, the conversation in many IT Security Organizations started to change. The security authorization management process significantly impacts every federal IT organization. At the core of these changes was the shift away from occasional updates to certified and accredited systems toward a mandate to continually monitor the security posture of individual assets within those systems.
This change is largely defined in NIST SP 800-137, which defines continuous monitoring as “maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions.” This publication helped to evolve the guidance provided in the Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) framework. As the general understanding and usefulness of CAESARS has increased, many organizations have found that while they have invested significant resources in various information security technologies, they still do not have an effective means to continuously monitor the status of their assets in a way that provides meaningful insight into information system security.
Govplace’s approach to improving our client’s ability to perform continuous monitoring aggregates multiple information system monitoring and security technologies in a way that allows for individual security controls to be continually monitored and enforced.
This approach provides visibility into real-time system security posture by aggregating data from system logs, patch management systems, vulnerability scanners, and other sources. This data is archived and indexed through a robust data management system such that events can be correlated and administrators and system owners can be alerted if these events impact the risk score for their systems.
Figure 1. Govplace’s Security Intelligence Solution integrates eGRC, IT Data, and Predictive Intelligence.
The following sections describe the data collection and analysis process as well as the enterprise governance, risk, and compliance solutions needed to effectively support these continuous monitoring mandates in a way that improves overall system security and improves the risk posture of every organization’s systems.
Data Collection/Analytics discusses innovative approaches developed by industry leaders in response to issues and drivers faced by today's IT government organizations. Govplace's approach to IT data collection, analysis, and storage effectively matures government's IT organizations and security teams.
Risk Management discusses Govplace's agile approach to FISMA compliance of enterprise-level information systems. We discuss implementing policy management without touching a single line of code with high-level overview of the core values of our governance, risk management, and compliance solution. We also present our solution to manage, mitigate, and communicate risk as well as managing the entire enterprise, responding to incidents, and auditing information systems.
Predictive Intelligence discusses our solution to simulate and real-world test risks that may have a negative impact on information system security. Our approach ensures system security plans are truly engineered to be secure and easily followed.
Finally, we discuss the comprehensive Govplace Solution to enterprise-wide continuous monitoring, designed to achieve 100% of government IT organization's required functionality. Our cost effective approach, Continuous Monitoring as a Service, is built to exist on its own or to coexist with a variety of existing solutions, services, and government policies and regulations.
2 Data Collection/Analytics
In many government IT organizations, the information security team and Security Operations Center (SOC) are focused on collecting information about systems and events; interpreting that information through the lens of known and unknown threats; and applying industry and organizational knowledge, creativity, and skill to ensure information system security. Existing systems such as Security Information and Event Management (SIEM) systems regularly help SOC analysts respond to known threats and help to monitor for suspicious and malicious activity.
However, many threats lie unrecognized in the normal data that exists in log management systems, SIEM systems, and IT operations repositories. This data can include regular activities such as monitored access to a building, internet and web proxy usage logs, and logs that are generated by devices supporting other network services such as DNS, DHCP, Radius, and more. These normal activities are where would-be attackers are focusing their actions to avoid detection.
Next-Generation IT Data analysis systems from emerging technology developers like Splunk help to monitor for thresholds and outliers in this data that can reveal malicious activity that would have previously gone unrecognized. These approaches leverage a next-generation analytics language that supports scenario-based investigations into IT and system security data. This allows SOC analysts and other information security practitioners to keep tabs on virtually any pattern or activity that may pose a risk to their information systems.
One of the challenges in supporting this new approach to system security is rooted in the fact that most SIEM tools monitor for known threats through a focus on canned reports and dashboards, rather than allowing the security organization to specifically target the metrics and data that is most relevant to their information systems. System security professionals need to be supported by tools and systems that allow for much more targeted queries and searches for relevant data.
This approach – integrating security intelligence capabilities to support better risk identification – allows organizations to better support the changes that have been made in the latest versions of industry regulatory requirements such as FISMA and HIPPA. To provide the most actionable security intelligence, organizations need to be able to capture, index, and rapidly search through many of the following data types:
IT Data Type IT Data Usage
Application Logs
Every modern application and network device writes log files that allow for the day-to-day management and debugging of applications by developers, support teams, operations teams, and security organizations. These logs are used to monitor activity, detect fraud, and detail application performance and user behavior throughout enterprise information systems.
Web Access Logs
For public and intranet-facing applications, web access logs represent an opportunity for organizations to track every request that is processed by a web server. This can be data such as which IP the request initiated from, which URL was requested, referring URLs, and other relevant website analytical data. This can be very useful in tracking frequently used pages, individual user access behavior, and can be used to develop trends that represent future web site usage.
IT Data Type IT Data Usage
Web Proxy Logs
Web proxy logs can be used to track inside-out user activity, which can be instrumental in isolating insider threats, violations of acceptable use policies, and a variety of other use cases. These logs can also be helpful to isolate the exact time of a reported error or access problem. One of the challenges with web proxy logs can be the size of the logs, which are generated frequently and are often difficult for traditional log management or SIEM tools to sift through.
Message Queues
Modern message queuing systems from vendors like IBM, Oracle, and TIBCO are frequently used in Service Oriented Architectures to pass data, messages, and tasks between applications in large enterprises. By using the security intelligence system to subscribe to these message streams, IT organizations can learn a lot about message flow, system availability, application response times, and much more. This data can be used to help troubleshoot and debug events before they become user problems, and can help to identify irregular application and user activity in large enterprise information systems.
Packet Data
Many IT organizations are starting to implement full packet capture systems to gain greater capabilities for network forensics and session-level data about user activity. This data is typically produced through captures using tools like Tcpdump, which generates PCAPS data and other useful information to help identify and troubleshoot performance problems, suspicious activity, and determine if the network has been compromised or is currently under attack.
Configuration Files
While most IT Security organizations capture log and event information, most do not have real-time visibility into actual system configurations. By integrating this type of data into the security intelligence and analysis process, SOCs and information system owners can get a better understanding of how their infrastructure has actually been configured. This helps to track changes and change authorization over time, and can help to determine if changes have caused vulnerabilities or other problems in their information systems that would lead to higher risk or greater compliance challenges.
Database Audit Logs
Database audit records of queries and other access are critical for IT security organizations to understand who accessed what, what data changed, and when. These logs are also crucial in understanding how applications access data so that developers and DBAs can optimize queries. Different databases store or log information in different ways. Leveraging a tool like Splunk can help to take advantage of collecting and indexing this information anywhere it resides and in whatever manner the security organization needs to be useful.
Filesystem Audit Logs
Most government organizations have a substantial amount of “unstructured” data that sits in file systems outside of their mission and business applications. This data often represents the biggest risk or loss or leakage, and can often contain sensitive information such as PII and other critical records. These file systems often sit on multiple operating systems and storage platforms that all provide different auditing and logging functionality. This data is vital for monitoring access to sensitive data.
Management APIs
Many management tools today provide streamlined access to log and audit data through APIs and consolidated data streams. This is helpful for log management tools because it helps to consolidate the information into a stream of data that can be more easily read by enterprise security intelligence tools without the need for as much data normalization, compression, and indexing. Some examples of this data are VMware vCenter logs, consolidated logs from Quest InTrust for Windows management, and Cisco Security Manager or CiscoWorks consolidated event logs.
OS Metrics, Status, and Diagnostics
Operating Systems (Windows, Linux, UNIX, etc.) provide valuable metrics such as processor and memory utilization, disk space availability, and service availability using built-in CLI utilities such as ps, iostat, and perfmon. While this data is most frequently used by IT Operations teams and Server operations teams, it can be incredibly useful for security intelligence purposes where it can be used for analyzing trends, determining potential risk impact to information systems, and investigating security and other system-impacting events.
IT Data Type IT Data Usage
Syslog, WMI, SNMP, etc.
Many other standard data sources can be used by security intelligence systems to provide insight into business system usage and security. This data, when combined in the context of other data, can provide valuable insight into system security, attack vectors, user behavior, and service availability.
To support the collection and analysis of these logs and other IT data elements, Govplace ascribes to a data management lifecycle that provides IT and security organizations with the data they need to most efficiently assess information system risk, identify breaches, and process and manage the response to individual system security events.
Figure 2. Govplace’s Data management Lifecycle
The data management architecture of the Splunk solution is uniquely suited to managing large amounts of unstructured and semi-structured data such as log files and other IT information. Splunk’s innovative, big data approach to storing these files allows for on-the fly creation of new views and data indices, and can scale to handle multiple petabytes of capacity much more easily than solutions that rely on a traditional RDBMS. This data architecture is a key component of the Govplace Security Intelligence solution and allows the components of our solution to handle massive amounts of IT and business data to provide the best correlation and alerting, and gain the most complete view possible of IT Security risk.
By following this process of IT data collection, analysis, and storage, IT organizations and security teams can effectively mature their security intelligence capabilities and provide the best analysis and response to security events throughout the enterprise. This data is then made useful to allow Risk Management tools to qualify the level of risk that each piece of data and each event represents for the organization and individual information systems.
Step 1 (legacy ALM) • Index all the data & logs
needed to monitor and investigate events and threats
• Operating Systems • Network Devices (IDS,
firewall, router/switch, etc.)
• Network Services (DNS, DHCP, remote access and AAA logs) • Proxy logs • Web logs • Email • Custom application logs, etc. Step 2 (legacy SIEM) • SOC analysts can
respond to and investigate IDS and SIEM alerts, activity for flagged users/systems and investigate access to sensitive data. • SOC analysts can easilly
track their response to ensure adherence to their Incident Response Lifecycle
Step 3 (add IT data) • Analysts enrich the raw
data by tagging events they encounter as significant • This allows for
normalizing heterogeneous data formats on-the-fly by extracting and naming fields such as usernames and identifying and naming events such as successful logins, leading to better intel across all analysts.
Step 4 (legacy SIEM) • The Security Integlligence
system monitors for known bad events, and uses sophisticated correlation/search, to find known risk patterns (i.e. brute force attacks, data leakage and application-level fraud) Step 5 (SIEM + IT Data) • Reporting provides a birds-eye view of security-relevant events such as firewall reporting, IDS rule violations and login activity. • This allows for searching
attack footprints in response to reports of new zero-day attacks, review trends in logins and other activity to uncover suspicious patterns and anomalies to find previously undetected attacks.
3 Risk Management
As information security organizations improve the availability of security and other IT data, that data can be more seamlessly inserted into the security authorization and risk management process. This integration of live system security status and risk management is what allows government agencies to meet the requirements of FISMA and other industry or agency-specific regulations and controls.
However, today’s process tends to be very static, with a focus on document-based workflow to approve and communicate risk and security information for individual systems. This approach provides a single point-in-time view of system security status, but does not integrate details from the change management process and the sorts of activities that happen throughout an IT environment on a day-to-day basis. This lack of visibility into system security status drives significant deviations from the documented configuration of a system and the real-world situation. To meet the goals of continuous monitoring, government agencies must have a security system that integrates the security authorization management process with live and relevant configuration and security data. This integration provides a real-time view into the policies, controls, risks, and safeguards in place to effectively deliver IT services and applications in a secure manner.
To best manage the risk associated with enterprise information systems, Govplace implements enterprise Governance, Risk, and Compliance (eGRC). Govplace’s eGRC Platform is adaptable for the unique requirements of every IT organization. Our platform allows organizations to build new information security applications and integrate with external systems without touching a single line of code. This approach allows Information Security organizations and business system owners to build flexible, unified, and collaborative risk management strategies and provide a real-time view into system security status.
3.1 Implementing Policy Management
Govplace leverages the RSA Archer Policy Management platform, which provides the foundation for governance, risk management, and compliance (GRC) programs, with a comprehensive, consistent process for managing the lifecycle of security policies and their implementation and exceptions.
This policy management software provides a single point for creating security policies, standards, and controls and mapping them to objectives, regulations, industry guidelines, and best practices. It also enables information security and compliance organizations to communicate policies, track acceptance, assess comprehension, and manage exceptions.
The Policy Management software is based on the RSA Archer eGRC platform, which enables information security and compliance organizations to understand which policies govern their organization and formulate policies and system-level controls that achieve agency objectives and demonstrate regulatory compliance. The system is based on the following core values:
Policy centralization – The eGRC Platform allows organizations to consolidate the authoring of policies, communicate them to users, conduct training, and view exceptions
Time and cost savings – The eGRC Platform helps organizations to
reduce the time and cost that is usually spent to create and update policies, manage exceptions, and demonstrate compliance to auditors and system owners.
Automation and efficiency – The eGRC Platform automatically
distributes alerts, newly identified risks, and other relevant content to system owners and subject matter experts for review and approval with dynamic, configurable workflows.
Immediate time to value – Govplace uses our industry and
agency-specific knowledge to implement the eGRC Platform with predefined access roles, workflows, reports, and dashboards out of the box, and uses our rapid solution delivery methodology to tailor individual implementations through point-and-click configuration. This approach reduces implementation time and improves the value our customers gain from the platform.
On-Demand deployment – Govplace provides the eGRC Platform as a
component of our Continuous Monitoring managed service, which means it is available for use immediately. The eGRC Platform is modular, and changes can be easily and quickly migrated from development to testing and production environments – allowing for rapid changes based on user needs and new requirements.
Industry Standard Controls – Although many organizations use controls
and regulations specific to their needs, there are frequently industry-standard controls such as FISMA, HIPPA, SAS-70, and others that are used across many organizations. To speed the implementation of the eGRC Platform, Govplace includes access to a broad content library developed in conjunction with Fortune 1000, federal government, and other partners. This content library helps to accelerate the implementation of various controls for specific business systems, and includes:
Pre-defined policies – Specific guidance for both technical and
non-technical requirements and regulations. These help to build connections between actual compliance statistics and regulatory or policy requirements.
Control standards – More than 1,100 guidelines for carrying out policies
and measuring/reporting policy compliance. Control standards are used to establish security baselines and provide guidance on implementing security for new systems.
Control procedures – More than 6000 instructions on implementing
Control Standards. These can be used by business system owners and information system security officers to ensure consistency of implementation across systems.
Authoritative Sources – The eGRC Platform includes pre-defined
content for more than 130 pre-defined external sources, providing substantial and relevant guidance for individual systems.
Assessments – The eGRC Platform includes more than 10,000
compliance with specific control standards, procedures, and authoritative sources.
3.2 Risk Management and Mitigation
Once policy setup and configuration is complete, Govplace implements a robust risk management solution to proactively address risks to government agency reputation, finances, operations, and IT infrastructure. This software provides a central GRC management system for identifying risks, evaluating their likelihood and impact, relating them to mitigating controls, and tracking their resolution. The risk management component of the Govplace security solution provides the following capabilities:
A centralized risk management repository – Govplace integrates this repository with project-management tools for managing POA&Ms, key risk indicators, and loss events. The risk management solution uses prebuilt risk assessments, and allows for organizations to create their own.
A holistic view of risks – The risk management software provides a complete view of exposure across the entire organization and all information systems by relating risks found in individual system assets to objects such as controls, objectives, processes, facilities, and technologies. This approach integrates risk management with key business processes and helps to accelerate risk identification and mitigation.
3.3 Managing and Communicating Compliance
To assist in effective risk management, Govplace’s eGRC Platform includes a compliance management function, which provides a centralized, access-controlled environment for automating compliance processes, assessing deficiencies, and managing remediation efforts.
This software enables information security teams and business system owners to document process and technical controls (e.g., password policies), link them to authoritative sources (e.g., FISMA), perform risk-based scoping, execute design and operating tests, and respond to gaps. Individual users can also report assessment results and remediation activities to management and regulators through real-time dashboards. These dashboards can be used to help prioritize risk response and resolution efforts, and use a configurable risk score to help quantify risks relative to their potential impact on the information system and the organization.
The compliance management solution is a component of the same, eGRC Platform, which means it is pre-integrated with the policy and risk management functions described earlier. This approach helps minimize integration efforts, time, and cost, and allows for robust automation to be built between the different solution components.
3.4 Manage the Entire Enterprise
Once we have developed policies, established risk management strategies, and implemented compliance checks and remediation methods, we have the foundation necessary to manage multiple information systems as a single
information on the agency hierarchy and operational infrastructure, enabling information system security officers and business system owners to form an aggregate view of organizational divisions, determine the value of supporting technologies, and use that information in the context of GRC initiatives across their enterprise.
The Govplace approach to enterprise security management enables organizations to track GRC information for individual assets and business processes, associate the devices, applications, and information that support them, and relate technologies to the facilities where they reside. This allows for a complete view of how all the organization’s assets and people support the security requirements of both Major Applications as well as General Support Systems. This data is integrated such that it can be used to easily produce valuable reports to monitor enterprise GRC initiatives at the agency, division-, and mission/unit levels in order to support informed, strategic decision making. This individual asset data can be configured to come from multiple systems of record including configuration management databases (CMDBs), ERP systems, asset databases, and other sources. These assets can then be placed into groups and arranged hierarchically in a way that shows how individual IT assets correspond to their associated business use and support information security requirements.
3.5 Responding to Incidents
As assets are monitored and mapped against the resources and systems they support, Govplace’s eGRC Platform provides government agencies with the capability to centralize and streamline the incident management lifecycle for cyber and physical incidents and ethics violations. This functionality is delivered through the eGRC Platform’s Incident Management software, which is a web-based incident-management solution that captures individual security events that may escalate into governance, risk management, and compliance (GRC) incidents, evaluate incident criticality, and assign responders based on impact and regulations.
Using the incident management solution, information system security officers and business system owners can also consolidate response procedures, manage investigations end to end, and report on trends, losses, recovery efforts, and related incidents. The eGRC Platform’s incident management capabilities enable the following capabilities:
Efficient incident response – Pre-defined notifications and workflows provide rapid access to response procedures so personnel know what to do and can act quickly. This approach also helps rapidly mitigate security risks and respond to potential risks before they become critical to system security.
Relational analysis – By linking incidents to facilities, technologies, processes, and applications, agencies can mine data to understand where problems occur and take preventive action.
Whistleblower capability – The eGRC Platform supports anonymous reporting of incidents and ethics violations in accordance with the Sarbanes-Oxley, and U.S. Public Disclosure Acts, as well as individual agency requirements.
3.6 Auditing Information Systems
To help put agencies in control of the audit lifecycle, the Govplace eGRC Platform enables improved governance of audit-related activities, data, and processes without the limitations of manual or stand-alone approaches used by many of today’s document-based security authorization processes.
The eGRC Platform is aligned with the Institute of Internal Auditor (IIA) standards. The Auditing module of the eGRC Platform is web-based auditing software that provides an aggregate view of compliance programs across information systems and organizations, including planning, scheduling, risk-based prioritization, staffing, management of audit procedures, and tracking of remediation efforts.
With Audit Management, government agencies can accelerate security authorizations and system recertification by transforming paper-based documentation into an information asset. This capability increases audit efficiency; helps perform risk-based scoping of the audit universe; and easily integrate with other governance, risk management, and compliance (GRC) processes.
This approach to audit management streamlines audit documentation and helps to correlate audit work papers with evidence, observations, and remediation efforts in a single, access-controlled repository. By streamlining the approach, the Govplace eGRC Platform allows users to share information, repurpose audit procedures, and automate workflow and findings generation – all increasing efficiency throughout the security authorization and recertification process.
These approaches, combined, enable tremendous efficiencies in the security authorization management and risk management process across both large and small organizations. By directly integrating asset and compliance information with policy and enterprise organizational hierarchy, agencies can get a true, real-time view of risks and mitigation strategies across multiple information systems. Govplace’s approach to integrating these components ensures the most rapid integration of asset and compliance data with business systems to provide nearly immediate results for our clients and help them to make significant progress in ensuring continuous monitoring and security compliance.
4 Predictive Intelligence
To help our clients avoid threats and proactively address issues in their infrastructure, Govplace implements Predictive Security Intelligence Solutions. These solutions enable government organizations to take control of their security infrastructure, communicate risk, and make better decisions in support of key enterprise information systems.
Govplace’s Predictive Intelligence Solution is based on Core Security’s CORE INSIGHT platform. This platform enables government agencies to proactively assess risks, and empowers information system and business system owners to make informed choices for improving system security, optimizing project priority and budgeting, and increasing operational efficiency.
The CORE INSIGHT software performs simulation and real-world testing to pinpoint individual risks and trends that may have a negative impact on information system security. The CORE INSIGHT platform identifies vulnerabilities and malicious behavior in networks and automatically notifies Govplace’s eGRC Platform, so that system owners can make informed, risk-based decisions about information system security risk and develop sound prioritization of risk remediation efforts.
The Predictive Intelligence Solution provides analysts and penetration testers with tools to proactively assess IT systems against real-world threats and simulated threats. The software is able to test for multiple known vulnerabilities as well as emerging threats and exploits. By performing on-going systems security audits with a constant focus on penetration testing and vulnerability exploitation, information system owners can be assured that their systems will stand up to even the most sophisticated attacks, and other insider and outsider threats.
Govplace’s approach to Predictive Intelligence goes past the types of assets and hardware typically covered by normal security authorization requirements and bolsters security testing and evaluation by performing audits and attempting attacks on web applications, databases, and other resources with a large attack surface. This approach ensures that system security plans are followed, and that systems are truly engineered to be secure rather than simply following policy. The Predictive Intelligence Solution relies on a set of sensors and analytical systems that probe and inspect resources, devices, and applications on enterprise networks, looking for known vulnerabilities, subsequent attack vectors, and possible exploits in system configurations. This data is fed to both the IT Data Management engine in the Govplace Solution for long-term archive and analysis, as well as the eGRC platform for near-instant analysis and correlation with security policies and controls. This approach bolsters the continuous monitoring capability of the Security Intelligence solution and provides the most relevant information about information system risk.
5 The Govplace Solution
The Govplace Security Intelligence Solution is built on the tight integration of COTS Solutions from Splunk, RSA Archer, and Core Security – which all come together to provide a solid foundation for enterprise security and risk management. While our solution is comprehensive by itself, Govplace recognizes that many organizations have already deployed key components of an integrated security solution. The Govplace solution is built to exist on its own or to coexist with the following:
Existing audit log management solutions such as ArcSight Logger, RSA Envision, and others
Existing SIEM solutions such as ArcSight ESM, McAfee Nitro, and others
Existing penetration testing software solutions and services
Existing agency security policies and governance regulations
Our solution implements security as an on-demand service, and is deployed on a private virtual server infrastructure managed by Govplace that includes the computing and data storage resources necessary to accommodate the various components of the Security Intelligence Solution. This virtualized approach allows for the computing and storage resources supporting the infrastructure to be dynamically reallocated to the components of the solution with the highest resource requirements. By allocating resources on-demand, Govplace’s Security Intelligence Solution can be deployed with fewer resources and at a lower cost than with a dedicated physical server infrastructure.
The Govplace approach implements security and continuous monitoring capabilities in three distinct phases:
Phase 1 – Implementation of IT Data Collection functionality and integration with existing data sources and log management platforms
Phase 2 – Implement eGRC Platform and integrate it with the Security Authorization Management process and IT Data sources
Phase 3 – Implement Predictive Intelligence capabilities to identify and analyze system configuration and avoid future risks
The Security Intelligence pricing model is based on individual tenants or organizations subscribing to a specific amount of data ingest per day into the solution. This cost per gigabyte (GB) of data per day is a shared pricing model and provides access to the entire solution set under a single service subscription. Please contact Govplace sales for more information regarding the solution pricing model.
Govplace’s approach is built on helping our clients achieve 100% of their required functionality. Our approach to application development and integration allows for the acceleration of project schedules, resulting in working solutions and implementations within three months of project start. Momentum, Govplace's solution delivery methodology, dramatically shortens the planning, implementation and testing process used to deliver IT solutions—delivering value in weeks or months rather than years. Momentum uses a rapid prototyping
business system owners directly in solution design activities—focusing solution development on the best mix of enterprise requirements and user needs.
Figure 2 - Momentum provides nearly instant value by starting with user-ready, production-quality prototypes.
About Govplace
Govplace delivers enterprise IT solutions exclusively to the public sector. Our experience and focus give us a unique understanding of our client’s individual goals and requirements, unsurpassed expertise, innovative solutions, and outstanding people.
For more than 16 years we have built these four elements into successful enterprise IT solutions. With each new project, we leverage our experience and broad portfolio of services to optimize best practices into solutions that meet immediate and long term needs.
Our unique performance-based methodology means that we closely align our measure of success with our clients’ objectives. So whether success is defined by delivering on budget, by milestone or go-live date, our success is defined by that same measurement ensuring both a successful implementation and the ability to meet measurable program objectives.
Our broad portfolio of services ensures that no matter the goal, we’ll be the partner that helps you succeed.
For more information on continuous monitoring, contact John Sobczak at (703) 286-9315 or jsobczak@govplace.com
