DENVER, CO (March 8, 2017) – SLI Global Solutions is pleased to announce that they have released a significant addition to their portfolio of services for government agencies. For years, SLI has been providing general security assessment services as part of their Quality Assurance and IV&V contracts. However, new federal requirements – called Minimum Acceptable Risk Standards for Exchanges (MARS-E) – have led to the need for states to conduct independent audits of their security policies, procedures and practices when state systems exchange data with federal sources.
SLI President of Government Solutions Steven Esposito said, “To help states respond to these new requirements, SLI has developed a formal protocol to conduct these independent security assessments. We are proud of the fact that our protocol is in complete compliance with the framework for the independent assessment of security and privacy controls, which is in keeping with our commitment to delivering standards-based methodologies and services.”
The SLI assessment protocol incorporates a comprehensive review of privacy controls including administrative controls, technical controls and physical safeguards to ensure the proper handling of Personally Identifiable Information (PII) in accordance with the standards.
The SLI MARS-E assessment protocol includes the following six steps:
- Assessment Stage
- Discovery Stage
- Stage 1 – Planning
- Stage 2 – Assessment
- Stage 3 – Analysis
- Stage 4 – Reporting
A typical assessment is completed in six to eight weeks. The resulting reports provide findings and actionable recommendations to allow the agency mitigating any risks or issues that are uncovered in the assessment effort.
Most recently, SLI completed a MARS-E assessment for the Mississippi Department of Medicaid (MS DOM). For MS DOM to meet Centers for Medicare & Medicaid Services (CMS) requirements for the installation of their new Medicaid eligibility system, the agency turned to SLI for assistance to complete the assessment within an eight-week window. SLI delivered the final report ahead of schedule, enabling the Department to meet their commitments to CMS as well as the agency staff and clients they serve.
Deputy Administrator for the DOM Office of Information Technology Management Rita Rutland said, “When CMS required the Mississippi Division of Medicaid to deliver a MARS-E assessment on a tight time frame, SLI delivered a professional, quality assessment on time and on budget that exceeded our expectations.”
Under MARS-E, an organization is required to implement policies and procedures necessary to protect the security and privacy of information. The CMS MARS-E Security Assessment Control, CA-2, requires all security and privacy controls attributable to a system or application be assessed every three years.
MARS-E helps to ensure compliance with federal requirements under FISMA, HIPAA, HITECH, ACA, Tax Information (FTI) Safeguarding Requirements and state requirements. MARS-E is based on NIST 800-53 with additional controls detailed in IRS Publication 1075 to address the handling of IRS Federal Tax Information.
SLI has experienced security teams that are ready to support your MARS-E security assessment needs. For more information or to discuss your MARS-E assessment, please contact Director of Business Development, Center for Systems Integrity, Mark Joyce at email@example.com or (307) 220-8855.
ABOUT SLI GLOBAL SOLUTIONS
SLI is a nationally recognized partner with state and local government agencies, providing project management oversight, Independent Verification & Validation (IV&V), Quality Management (QM) and software testing services to the industry. An accredited software testing lab, SLI offers customers a proprietary ISO certified quality management methodology and framework, SQM3, which is derived from industry standards articulated by IEEE, PMBOK, ISO, SWEBOK, and COBIT. To learn more about SLI Global Solutions’ services, please visit www.sligov.com.