GSA Schedules/Contract Vehicles

B&M Consulting Group holds GSA’s IT Schedule 70.

B&M is a HUBZONE certified, economically disadvantaged woman-owned small business (EDWOSB), and a State of Maryland Certified Minority Business Enterprise (MBE).

We provide full-lifecycle NIST Risk Management Framework (RMF) process support for Federal systems, applications, and common control programs, in accordance with Federal Information Security Modernization Act (FISMA) requirements. Our teams have extensive experience in guiding new system acquisitions and development efforts from initiation to Authorization To Operate (ATO), to include supporting stakeholders in the design and implementation of appropriate IT security and controls, and serving as independent assessors. We also perform more targeted security impact analyses and assessments for changes to existing systems. Additionally, we have deep experience helping Federal Agencies ensure that solutions moved to FedRAMP Cloud Service Providers (CSP) are appropriately secured and monitored.

Our team members bring extensive experience working with the U.S. Government Accountability Office (GAO), Offices of Inspectors General (OIG), and internal audit groups, and we have successfully supported a number of Agencies in preparing for, supporting, and responding to Federal IT security audits and evaluations.