Whether it’s cybersecurity, healthcare transformation, or workforce mobility, the issues facing federal agencies are more challenging and interconnected than ever. Today’s missions will set the foundation for the future. Carrying out these missions will require fresh thinking, a creative approach, and new collaborations across the public and private sectors.


Contact Protiviti


We help federal agencies design IT solutions and deliver results that assist in making a real and lasting difference. Using strong IT governance to ensure alignment with mission strategies, we drive excellence in IT through insights, people, and experience to bring meaningful solutions to every challenge. These solutions include:

  • Managing the Business of IT
  • Managing IT Security and Privacy
  • Managing Applications Data
  • IT Lab and Testing Facility


IT Security Solutions

Protiviti’s security solutions include reviews, incident response, security strategy, regulatory compliance, architecture, design and implementation services, and Payment Card Industry (PCI) consulting and remediation. We help federal IT organizations address both known and emerging security and privacy risks through security reviews and related support. Our expert teams include Certified Information System Security Professional (CISSP) and Certified Information Privacy Professional for Government (CIPP/G) professionals. Their involvement ensures we deliver optimal control reviews that align with guidance from the National Institute of Standards and Technology (NIST), including FIPS-199, FIPS-201, NIST 800-60, NIST 800-53, NIST 800-40 series, Federal Information and Security Management Act (FISMA), and Federal Risk and Authorization Management Program (FedRAMP).

In June 2012, we fortified our IT security solutions by acquiring the U.S. business of Arsenal Security Group, Inc. This move is allowing Protiviti to further expand our ability to help the public sector respond to the growing risks associated with data in today’s business environment. With the addition of Arsenal’s U.S. business team, we now provide expanded offerings in incident response; security strategy; regulatory compliance; architecture, design and implementation services; and PCI consulting and remediation.

Our ongoing work in support of the General Service Administration's (GSA) Federal Public Key Infrastructure Management Authority (FPKI MA) program has included IT security reviews based on NIST 800-37. This work is in preparation for the President's Management Agenda re-accreditation (or Authority to Operate) of its government-wide PKI system.


Project Highlight:

Protiviti is a prime contractor supporting the U.S. GSA. That means we are at the forefront of providing security reviews to ensure data privacy protection, security to infrastructure, and the hardening of systems to combat increasingly sophisticated cybersecurity threats.


IT Lab and Testing Facility

Protiviti maintains a facility security clearance and operates a testing and compliance IT lab for GSA. This lab is currently used to test new products for inclusion in the GSA’s Approved Product Lists (APL) program.

In support of the FPKI, Protiviti identifies, evaluates and recommends new processes and tools to enhance privacy. Our team reviews all policies, procedures and processes of federal IT organizations to confirm they are compliant with OMB and NIST requirements. This includes evaluations to ensure efforts are made to reduce the collection of private information, such as Social Security numbers, in systems.


Why Protiviti

Protiviti’s commitment to our federal clients is perhaps best exemplified in the area of IT security. Protiviti serves as a trusted advisor and consultant in contracts spanning all phases of federal identity management programs. We supported several key portions of the original e-Authentication Initiative, and more recently, have been a lead contractor in unifying government-wide identity management objectives to ensure consistency and coordination under Homeland Security Presidential Directive 12 (HSPD-12) and many other federal Identity Credentialing and Access Management (ICAM) mandates.

Protiviti is instrumental in the advancement of ICAM through our work for the GSA and on other federal contracts. Our record of success includes breakthrough work in:

  • Homeland Security Presidential Directive (HSPD)-12/PIV
  • Personal Identity Verification Interoperable (PIV-I) for Non-Federal Issuers
  • Federal Public Key Infrastructure (FPKI)
  • Federal Identity Credential Access Management (FICAM) Roadmap and Implementation Guidance
  • Trust Framework Provider (TFP) Assessments
  • Identity Scheme Adoption and Profiles (ISAP)

Protiviti is known for bringing private sector best practices and applying them in the public sector in a collaborative and meaningful way. We work side by side with our federal agency teams to manage trade-offs and engage stakeholders inside and outside of the agency. Protiviti’s capabilities across diverse disciplines help agencies tackle problems from many dimensions and enhance their own abilities to make the most of change. Our breadth of capability encompasses consulting, IT audit and enterprise risk to address the full scope of the federal government’s IT needs.