Clients: Case Studies

US Marshals

CASE STUDY
US Marshals System Security Plan (SSP)

The mission of the Unites States Marshals Services (USMS) is to protect the Federal courts and ensure the effective operation of the judicial system. To carry out its wide ranging responsibilities, the USMS depends on the confidentiality, integrity, and availability of numerous IT systems and their data. TDI helped ensure this dependability by developing The System Security Plan (SSP) for the USMS Data Clarity® Suite of products used by the USMS.

TDI evaluated the USMS system (hardware and software) and prepared Systems Certification and Accreditation (C&A) documentation in accordance with the USMS System Development Life Cycle. TDI's SSP provided an overview of the security requirements for the information system and described the security controls in place or planned for meeting those requirements. Based on interviews, technical assessments, and documentation collected at the USMS, TDI produced an SSP that satisfied the requirements outlined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-18, Guide for Developing Security Plans for Federal Information Systems, used in conjunction with Federal Information Processing Standard (FIPS) 200 and SP 800-53, Recommended Security Controls for Federal Information Systems.

TDI ensured that the USMS SSP contained the appropriate content requirements, including: Mission Description and System Identification; Environment Description; System Architectural Description; System Security Requirements; Organizations and Resources; C&A Plan (NIST SP 800-37).

TDI's efforts resulted in the timely delivery of a FISMA compliant System Security Plan. The SSP we developed as part of a larger C&A effort TDI performed which allowed the USMS to obtain an Authority to Operate (ATO). Consequently, the USMS continues to meet is mission requirements and TDI was a critical player that helped make this happen.