Department of
Energy,
Office of the Chief Financial Officer
Edgewater provides Program Management, Enterprise Architecture and Cyber Security support to the Office of the Chief Financial Officer (CF), Office of Corporate Financial Systems. We support activities related to the system engineering, development and implementation of the Integrated Management Navigation System (I-MANAGE), the Department of Energy’s solution for managing enterprise-wide systems. The I-MANAGE Program is a collaborative Departmental initiative to achieve improved financial and business efficiencies, integrated budget and performance, and expanded electronic government in support of the President’s Management Agenda. The I-Manage portfolio is comprised of several enterprise-wide system initiatives that include: the Standard Accounting and Reporting System (STARS); I-MANAGE Data Warehouse (IDW); Standard Budget System (SBS); Strategic Integrated Procurement Enterprise System (STRIPES); Corporate Human Resources Information System (CHRIS); and the eContent Management System (eCMS).
The Edgewater cyber security team is the independent assessment component of the certification and accreditation (C&A) program for over 60 corporate applications supporting the financial, human resource and management programs at the Department of Energy. We have supported the customer in planning and executing a robust cyber security program. We have prepared reports to respond to quarterly Departmental FISMA reporting and advised the OCFO on impact and implementation requirements of new guidance. Our team consists of highly experienced software professionals with an average of over 25 years of experience in Government IT development and management. We have performed Security Testing and Evaluations following the NIST 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems and companion documents. We have performed vulnerability analyses using WebInspect and NESSUS tools. We have conducted site visits to evaluate application security soundness before accepting them in the inventory of DOE corporate applications. We have developed guides and provided consultation to system owners and management for security plans, configuration management plans, disaster recovery, and contingency plans. We have conducted Privacy Impact Assessments to advise the Office of Privacy on corporate applications that contain personally identifiable information and sensitive unclassified information. We have evaluated the eAuthentication requirements of application transactions to ensure they are protected to the required level of authentication.
