GovQA Completes FISMA/NIST Moderate Compliance Audit, Further Strengthening Security Position for Government Clients

Long list of successful audits and attestations of compliance underscore company's commitment to security

GovQA Security Triangle

GovQA, the leading provider of cloud-based solutions for automated public records and information workflows and government compliance, today announced it has successfully completed a rigorous third-party audit for Federal Information Security Management Act (FISMA) Moderate compliance.

The FISMA audit process was designed to ensure that government vendors, contractors, and partners effectively manage risk, handling confidential and sensitive information appropriately, and providing protection against various security threats such as unauthorized access, use, disclosure, disruption, modification or destruction. FISMA Moderate compliance, governed by National Institute of Standards and Technology (NIST), requires that organizations implement and operate an extensive set of security configurations and controls, including documenting the management, operational, and technical processes used to secure the integrity, confidentiality, and availability of sensitive information.

“After a six-month-long process, we passed the FISMA/NIST Moderate third-party audit with flying colors,” said Jim Cassan, Compliance Officer in Technology at GovQA. “This is based on one of the most intensive forms of compliance worldwide, covering hundreds of areas within security, compliance, and data privacy. Our successful completion is a testament to our existing and ongoing commitment to security at GovQA.”

The audit attestation signifies review of controls and FISMA moderate compliance for GovQA’s Exchange Platform utilizing NIST SP 800-53 rev 4, FIPS 199, 200 and other NIST and FIPS guides and special publications.  

“We are very proud to achieve FISMA/NIST compliance,” noted Greg Pengiel, Chief Technology Officer and co-founder of GovQA. “GovQA is committed to adhering to the strictest security standards and regulations based on NIST 800-53 revision 4, as well as the security controls including HIPAA and CJIS. Our clients will be pleased to learn that we have taken this step to assess and manage their risks.”

GovQA will repeat the FISMA audit on an annual basis to ensure ongoing, continuous compliance and address any new controls or requirements added to the assessment in the future.

To learn more about automated workflow and public records compliance solutions for government and GovQA security, visit:

About GovQA 
GovQA, headquartered just outside of Chicago, is the leading provider of automated workflow and public records solutions for government compliance. The GovQA Exchange Solution combines trusted tools and comprehensive security, proven government expertise, and a scalable platform that enables cities, counties, and state agencies to securely collect and control time-sensitive information within, across, and outside governments.

Source: GovQA LLC


Categories: State or Provincial Government

Tags: FISMA Mod, Government Compliance, GovQA

About GovQA LLC

View Website

GovQA, a Granicus company, is the leading provider of cloud-based SaaS automated workflow solutions for government compliance. Customers use our software to more easily process and manage public records and information requests.

900 S Frontage Rd (Ste. 110)
Woodridge, IL 60517
United States