Carson's core business areas are Management Consulting and Information Assurance. We provide the following services to both Federal Government and industry customers:
Management Consulting
- Program Management – Our blend of technical and functional staff brings the complete program management services your program needs.
- Portfolio Management – Carson Associates will ensure that executives have accurate and meaningful information for IT decision-making.
- Strategy & Performance Management – Carson Associates is skilled at measuring performance, making sure your programs are bringing the intended results.
- Independent Verification & Validation (IV&V) – Best business practices demonstrate successful outcomes, both qualitatively and quantitatively, so our consultants are knowledgeable in metrics.
- Quality Management – We analyze core business processes and determine their efficiency and effectiveness with guidelines that gauge performance.
- Studies and Analyses
Information Assurance
- IT Security services include the following:
- Vulnerability scanning
- Penetration testing
- Web application testing
- Social engineering
- IT security gap analysis
- PCI compliance
- Security Program Development – We establish agency-level guidelines for management by developing, reviewing, establishing, and implementing IT security policy and procedures.
- Certification & Accreditation – Carson Associates has 20 years of experience assisting federal agencies with all phases of their certification and accreditation (C&A) planning to comply with government regulations and guidance.
- Continuous Monitoring – Carson Associates can provide the continuous monitoring of management, operational, and technical controls that has become a best practice.
- Compliance Evaluations & Audits – Our audit services include a review of your information security policies, procedures, and agency self-assessments; examination of system owner information security practices and control techniques; vulnerability testing of mission critical systems; evaluation of agency corrective action plans; and recommendations for information security improvement.
- Business Continuity Planning – Carson Associates can help you reduce risk by developing a logistical plan for recovery and continuity of operations in the event of a disaster.
- Incident Response – Incident response is a set of well-defined and systematic procedures the Carson team follows when responding to security-related events. This can be a proactive analysis and plan, or a forensic analysis to identify and follow a hacker's actions after a system has been broken into by an unauthorized user.
- Security Training – Carson Associates will develop and teach your security training courses.
- Privacy Assessments – Carson Associates will create or review your privacy impact assessment (PIA).