Cogent Solutions, Inc. provides Information Technology and Management Consulting services to the federal government, serving both the Department of Defense and Federal Civilian agencies. Our services range from developing expert systems to designing and implementing enterprise-wide distributed information systems, with appropriate emphasis on selecting and integrating commercial off-the-shelf products. Our network support services include the design, implementation and support of networks that evolve in concert with changes in our customers’ business. Our web services include design, development, secure hosting and the secure implementation of unclassified information.
Cogent Solutions is a process focused firm, currently holding ISO 9001:2008 for Quality, ISO 27001:2013 for Security, and ISO 20000:2018 for Service Management.
Cogent Solutions holds multiple socio-economic designations, including SDB (Small Disadvantaged Business), SDVOSB (Service Disabled Veteran Owned Small Business), and HUBZone (Historically Underutilized Business Zone).
Our software support
Cogent Solutions is a full-service information technology company committed to delivering quality support services and products on time and within budget. Our software support services range from developing single-user applications to designing and implementing enterprise-wide distributed information systems, with appropriate emphasis on selecting and integrating commercial off-the-shelf products.
Our technical support
Our technical support services are available twenty-four hours a day, seven days a week. Our network support services include the design, implementation and ongoing support of networks that evolve in concert with changes in your business. Clients also have the option of support contracts and other technical services that range from intensive on-site administration to remote monitoring.
OUR CORE COMPETENCIES
Cogent Solutions is an Amazon Web Services (AWS) GovCloud and Microsoft® Azure reseller providing a comprehensive, evolving cloud computing platform support hosted by Amazon. It provides a mix of infrastructure as a service (IaaS), platform as a service (PaaS) and packaged software as a service (SaaS) offerings. These offerings provide on-demand delivery of computing power, database, storage, applications, and other IT resources via the internet with pay-as-you-go pricing.
AWS GovCloud (US) is an isolated AWS region designed to host sensitive data and regulated workloads in the cloud, helping customers support their US government compliance requirements, including the International Traffic in Arms Regulations (ITAR) and Federal Risk and Authorization Management Program (FedRAMP) requirements. AWS services the region with U.S. Persons, the region is built on U.S. soil and only vetted U.S. Persons are permitted to hold root account credentials.
AWS’s FedRAMP High authorization, which includes over 400 security controls, gives U.S. government agencies the ability to leverage the AWS Cloud for highly sensitive workloads, including Personal Identifiable Information (PII), sensitive patient records, financial data, law enforcement data, and other Controlled Unclassified Information (CUI).
Program and Project Management
Cogent Solutions follows the Program Management Institute (PMI) standards reflected in the PMI PMBOK Guide, Program Management Practice Standard, Portfolio Management Practice Standard, and other PMI publications. Our Program/Project Management approach consists of initiation, monitoring and controlling, reporting, and closing out. The process oversight includes management of quality, communications, cost, schedules, and risks, and will apply to all tasks and subtasks throughout the contract. Our approach to project management is based on the nature of the tasks, determining which are interrelated or independent projects managed by a Program Manager (PM) in a centralized, coordinated effort aimed at achieving organizational strategic objectives and benefits as listed in the PWS. The process oversight includes management of quality, communications, cost, schedules, and risks, applicable to all projects/tasks throughout the contract. Our specific approach to individual projects/tasks is based on their nature and interdependencies and is reflected in the integrated program management to be overseen in a centralized coordinated effort. Cogent Solutions’ Project Plans provide scalable project processes under sequential or parallel schedules, e.g., Waterfall/Agile. Under our Program Management Plan, we also develop an integrated master schedule and use EVM (Earned Value Management) to manage the budgetary issues in an integrated fashion. The following illustrates our basic approach to Program/Project Management.
Software Engineering and Applications Development
Cogent Solutions utilizes an iterative Software Development Lifecycle (SDLC) methodology to deliver high-quality, fully-functional, and high-performance software development services to the client. The iterative approach below is an SEI-certified CMMI Level-3 SDLC methodology. Cogent Solutions methodology is based on industry best practices, supporting continuous discovery, invention, and implementation with each iteration, and forcing the development team to drive the project’s artifacts to completion in a predictable and repeatable way. Compared with other development methodologies, Cogent Solutions iterative process has the following advantages:
- Risks are mitigated earlier
- Change is more manageable
- There is a higher level of software reuse
- The project team can learn along the way
- The product has a better overall quality
Network Engineering and Management
Effective and efficient operations management is key to Cogent Solutions’ ability to deliver Network Information Technology (IT) Services. Cogent Solutions provides a well-conceived and constructed operations management environment to achieve system availability, performance, and cost control of client environments.This includes the planning, design, implementation, and maintenance of agency networks through a proven network engineering and maintenance approach.
Cogent Solutions organizes its approach to maintaining the client network into three distinct practices which follow the logical flow of the IT Life Cycle: Planning and Design, Implementation, and Operations & Maintenance. The latter of these practices, operations and maintenance, represents the majority of work conducted daily on the client network.
Cogent Solutions’ operations and maintenance phase provides agencies with support over the following task areas:
- Monitoring and Reporting
- LAN/WAN/VPN Connectivity
- System Administration
- Hardware and Software Maintenance
- Infrastructure Management
- Disaster Recovery and Continuity of Operations Plan (COOP)
Cogent Solutions provides end-to-end web service with professionals who specialize in creating unique, innovative and sustainable solutions to meet each client’s requirements. Our focus is on performance, scalability, and security – with experience in both public cloud, private cloud and hybrid solutions for agencies moving toward more efficient cloud approaches. Cogent Solutions has past performance experience in standing up and operating a Web Center of Excellence (CoE) for DoD within the Pentagon and helping to achieve the first DoD Authority to Operate (ATO) for public facing websites on a public cloud environment within the Pentagon. Support services include analysis of alternatives, technology assessment, cloud-based test environment implementation, implementation of a cloud-based production environment along with scripting to allow for both public cloud and private cloud using a hyperconverged environment. Additional support services include help desk support on web development, content, and security requirements.
Help Desk and End-User Technical Support
Cogent Solutions provides customer support experience processing thousands of tickets for tier-structured Help/Service Desk support. Support provided is across Tier I, II, and III levels. Tier 1 support includes online or live voice interaction with a user and onsite visits. Cogent Solutions has hands-on familiarity with the BMC Remedy (specifically RemedyForce), Jira, ChangeClear, CA, Jira, Zendesk, Freshdesk, and other Helpdesk tools providing ticket generation, prioritization, and CMDB. Our Tier I specialists support application operation demands that require the support of end users and provide configuration and sustainment maintenance of the core Help/Service desk modules: Service Request, Knowledge Management, Incident Management, Problem Management, Change and Release Management, and Configuration Management. These modules are customized to meet client specific requirements. For example, we would set up Incident and Problem management processing by the client policies of priorities, and in the case of Incident management, the priorities could be directly dependent on the Impact as exemplified below.
|Exceptions: Major Incident or Quick Fixes. Service Desk resolves these problems immediately regardless of impact and urgency||1: Extensive / Widespread||2: Significant / Large||3: Moderate / Limited||4: Minor / Localized|
|Cannot conduct business.||Cannot conduct core business.||Restricts business.||No significant impediment, a workaround exists|
|Urgency of Resolution||1: Critical||Immediate||1||1||2||2|
|2: High||In near future||1||2||2||3|
|3: Medium||In future||2||3||3||3|
|4: Low||No urgency||4||4||4||4|
Cogent Solutions provides Information Assurance support services using NIST (National Institute of Standards and Technology) Risk Management Framework (RMF). RMF describes the process for identifying, implementing, assessing, and managing cybersecurity capabilities and services, expressed as security controls, and authorizing the operation of Information Systems (IS) and Platform Information Technology (PIT) systems. Our solutions provide a risk-based approach to the implementation of cybersecurity, supports cybersecurity integration early and throughout the system lifecycle, promotes reciprocity to the maximum extent possible, and stresses continuous monitoring.
Cogent Solutions methodology is in full compliance with the directive and applications of the NIST Risk Management Framework (RMF) process. Working with agency system owners, we assist in determining each of the client system boundaries for the Applications or General Support Systems and determine a system security categorization level: High, Moderate, or Low in accordance with NIST FIPS 199 standard: Security Categorization. Sets of security controls corresponding to a System Category are listed in NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations.
The Authorization process consists of the six steps below and recommended by NIST SP 800-37 Rev. 1: Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle (RMF). We follow the RMF recommendation that prescribes a division of the six authorization steps into two sets: (i) categorization, control selection and control implementation and (ii) control assessment, conducted independently by the Cogent Assessor. We can also deliver the NIST specified Authorization Package.
Security and Enterprise Architecture
Cogent Solutions’ approach to Security Engineering is a review process and coordination with the expected outcome of identifying the application vulnerabilities. Code reviews containing insufficient functionalities and tainted code segments are made available to the developers for fixing. The known application system vulnerabilities are provided to the Information System Security Engineer (ISSE), including mitigation or remediation. This process is two-fold: Cogent Solution ISSEs schedule patching of the application security vulnerabilities, or if that effort is outside the time allowance and availability of resources allocated in the project plan, a Plan of Action and Milestones (POA&M) is developed.
Cogent ISSEs hold DoD 8570.01-M Level II and III certifications such as CAP and CISSP as applicable to the job functions they fulfill. Our ISSEs and ISSOs provide support to the client as mandated by DoDI 8510.01, RMF:
- System categorization,
- Security control selection,
- Security control implementation,
- We will support technical aspects of control assessment and authorizations (e.g., creation of POA&M)
- In the post-authorization period, the Cogent ISSEs will support continuous monitoring.
Cogent Solutions’ Enterprise Architecture (EA) services help agencies plan and execute the Information Technology (IT) strategies that support their mission-critical functions. The methodology is based on industry best practices and frameworks developed by the Office of Management and Budget’s (OMB) Federal Enterprise Architecture (FEA) framework.
Cogent Solutions’ EA services help agencies to comply with the FEA, which has become an integral part of the federal government’s Capital Planning and Investment Control (CPIC) process for making investment decisions, assessing investment process effectiveness, and refining investment related policies and procedures.
Agencies can realize significant cost savings and avoidance, as well as reduced redundancy as a result of Cogent Solutions’ Enterprise Architecture expertise. The FEA framework includes standards, tools, and models for agencies to use in developing EA artifacts. This framework focuses on improving in the areas of budgeting, performance, integration, and collaboration. Cogent Solutions utilizes the FEA framework as a basis to develop IT strategic plans, segmented architectures, EA transition plan, and other required EA documentation.
Our Enterprise Architecture Services include:
- Consulting services
- Strategic planning
- Segment architectures
- Transition planning
- Capital planning support
- OMB reporting requirements