Business Information Services & Data Protection
Business Information Services assist agencies in determining the financial condition of individuals, organizations, and financial instruments. Data Protection includes safeguards that protect electronic information from unwanted access and breaches. Data Protection services also assist agencies to develop, document and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, in accordance with the Federal Information Security Management Act (FISMA).
An effective information security program should include:
- Periodic risk assessments; policies and procedures that are based on risk assessments;
- Subordinate plans for providing adequate information security for networks, facilities, information systems, or groups of information systems;
- Security awareness training;
- Periodic testing and evaluation of the effectiveness of information security programs;
- A process for planning, implementing, evaluating and documenting remedial actions to address any deficiencies in the information security programs; and
- Procedures for detecting, reporting and responding to security incidents.
A list of the Schedule contracts is identified below.
|520 16||Business Information Services include credit reports, business profiles, credit scoring, background checks, institutional ratings, and more.|
|520 17||Risk Assessment and Mitigation Services evaluates and strengthens internal controls to protect Personally Identifiable Information (PII) and Personal Health Information (PHI)|
|520 18||Independent Risk Analysis includes a review of all information compromised by a data breach for trends and unusual patterns.|
|520 19||Data Breach Analysis includes the monitoring and detection of breached PII and PHI and can provide the locations of potential misuse for law enforcement action, as well as a listing of consumers likely to be fraud victims.|
|520 20||Comprehensive Protection Solutions allows for customized solutions that integrate Business Information, Risk Assessment and Mitigation, Independent Risk Analysis, and Data Breach Analysis services.|
Federal agencies have unique missions, run different systems, and operate purchasing plans with diverse levels of contracting expertise. In response, GSA offers a variety of purchasing programs to fit each agency’s requirements. Purchasers can call upon GSA’s office of specialists who will customize a program for their agency.