Member Since: 2000
9140 Guilford Road, Suite N
Columbia, Maryland 21046
Business Development Manager:
Director of Security Services:
COACT, Inc is a Service Disabled Veteran Owned Small Business (SDVOSB) and an accredited FedRAMP Third Party Assessment Organization (3PAO). For over 25 years, COACT has provided consulting, Independent Verification and Validation (IV&V), and assessment services to both government and commercial clients to guide them in understanding and fulfilling their risk management and compliance needs. We can help organizations of all types and sizes develop and implement a successful information security program to help protect against cyber threats across the enterprise; this includes policies and procedures, awareness and training, product certifications, vulnerability assessments and comprehensive information assurance including documentation development and continuous monitoring.
COACT maintains a team of security professionals to provide multiple security services to our customers including: risk management and compliance, testing and evaluation, Operations and Maintenance (O&M), records management, software development, and system engineering.
COACT has multiple years of experience providing services to the Department of Defense (DoD), Intelligence community, Federal civilian Agencies, and commercial organizations.
COACT is ISO 9001:2015 compliant and utilizes a quality management system. Our team of expertise provides consistent and high-quality services in support of commercial and government clients in understanding and fulfilling their risk management and compliance needs.
COACT's expertise in various risk management and compliance strategies and methodologies in addition to the accredited quality system are leveraged to perform security services for commercial and government organizations. COACT develops work products that are aligned with the ISO 9001:2015 standards for quality that meet customer requirements. During the execution of contracts, COACT personnel assure conformity of deliverables and services to customer and applicable statutory and regulatory requirements. COACT tiered service offerings range from focused efforts to address specific security and compliance objectives to providing full information security programs for clients in commercial, healthcare, regulatory, defense, and intelligence domains. Since its inception, COACT has focused on improving Information Technology Security Compliance (ITSC) for Federal Agencies and commercial organizations. With unrivaled ethics, COACT remains free from real or perceived conflicts of interest and does not engineer, manufacture, or resell any products.
COACT's Security Consulting Services include but not limited to:
Computer Related Services
Admin. Management & General
Engineering Services/Management Consulting Services
COACT's offers FIPS 140-2 Testing- COACT has successfully completed FIPS validations on a wide range of technologies as a third party independent testing facility accredited by the National Voluntary Laboratory Accreditation Program (NVLAP Lab Code 200416-0). The COACT Laboratory (NVLAP Lab Code 200416-0) offers vendors full service approach to meet all the vendor's testing needs including pre-validation consulting, documentation development and testing and validation assistance. Our goal is to assist you in getting your Cryptographic Module FIPS 140-2 validated and listed on the Cryptographic Module Validation Program (CMVP) Validated Modules list. We work with you through the entire process and keep you informed every step of the way. You know your product. We know the standard.
SA&A (Security Authorization and Assessment) COACT's SA&A consultants have proven expertise in helping U.S. federal agencies comply with FISMA and improve their security posture. Whether your agency requires assistance in setting up an SA&A program, enhancing the program you have already established, certifying new information systems, or validating new SA&A packages, COACT can help.As part of our SA&A preparation services, we can help you understand what SA&A entails for your information system(s) at and how to define your accreditation boundaries. Our experienced SA&A consultants have proven expertise in assisting large federal agencies in improving their overall security posture and in developing compliant documentation. We can help you defend your package to the evaluators and advise you on how to get through the evaluation process.
HIPAA Compliance-Your organization may meet the administrative and physical controls required to safeguard PHI. An assessment of your current responsibility, security, risks, and gaps.
COACT will assist you in understanding your current posture before deciding how to proceed
Formal documentation, and guidance in the implementation of policies and controls to safeguard PHI.
COACT will prepare the documentation package that would be examined during a HIPAA audit.
Guide implementation of policies and controls to address required safeguards.
The tools to allow your organization to track progress toward compliance.
COACT will create and deliver a clear Risk Assessment Report and a HIPAA Readiness Report devoid of any ambiguity or confusion.
Required training for your organization's Compliance, Privacy, and Security Officers(s).
An annual interim revalidation to ensure ongoing compliance.
FedRAMP- The COACT RAMP Lab is an Accredited FedRAMP 3PAO and is authorized to perform security assessments for cloud service providers (CSP) seeking FedRAMP Provisional Authorization.As part of our FedRAMP preparation service, we can help you understand what FedRAMP entails for your Cloud based information system(s) and how to define your accreditation boundaries. Our experienced FedRAMP consultants have proven expertise in assisting companies in improving their overall security posture and in developing compliant documentation. We can help you defend your package to the evaluators and advise you on how to get through the FedRAMP assessment process.
SCAP Validation Testing- The COACT Lab is a third party independent testing facility accredited by the National Voluntary Laboratory Accreditation Program (NVLAP Lab Code 200416-0) to perform Security Content Automation Protocol (SCAP) validation testing.The COACT lab conducts specific tests that are contained in the SCAP Validation Program Derived Test Requirements Document (NIST 7511), on SCAP products and delivers the results to NIST. The SCAP Validation Program will validate the SCAP product under test based on those results.
DOD, federal, U.S. and international security
product developers and manufacturers and prime
contractors as well as commercial clients.
Access to Contract Vehicles:
Seaport Next Generation
DHS Eagle II
Federal Aviation Administration (FAA) Accelerated and Simplified Tasks (eFAST) BPA
NSA NSETS II
Accredited common criteria test laboratory. ISO 9001:2008
A2LA Accreditation to the International Standard ISO/IEC 17020:2012