Nerthus Services

Nerthus brings its knowledge, experience, innovation and professional workforce to each engagement.  Our areas of expertise include:

  • Information Technology and Technical Governance.  Nerthus assists organizations in aligning their information technology products and approaches with their mission and goals.  We work with our clients to develop technical capabilities, aligned with organizational divisions, that can support and enhance organizational performance while reducing the cost of licensing and on-going system maintenance and compliance.  Nerthus can also develop procurement documentation such as Request for Proposals and Requests for Information that include comprehensive technical and functional requirements, specifications and performance expectations.   These procurement documents provide for effective evaluation, selection, prioritization, and funding of information technology investments.  Nerthus can also manage the technology implementation, integration into the organization, and design of optimized process and procedures to maximize the return on investment. 
  • Cyber Security. Nerthus offers comprehensive cyber security services that ensures the protection of the organization’s data and systems and prepares the organization for evolving threats in future.
    • These services include:
      • Enterprise Security Architecture Design and Re-design
      • Computer Security Incident Response
      • Cyber Security Operations Management
      • Application and Software Security Assurance
      • IT Risk Management and Compliance
      • Vulnerability Assessments and Penetration Testing
      • Policy and Procedure Development

  • Technical and Functional Compliance.  Nerthus offers world class compliance services to ensure our clients meet diverse compliance requirements.  We understand that clients are often faced with meeting compliance requirements in lieu of following other strategic tasks.  We work to minimize consequences related to compliance and can develop a compliance plan to meet your needs incrementally. 
  • Our compliance expertise includes:
    • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
    • Health Information Technology for Economic and Clinical Health Act (HITECH)
    • The Federal Information Security Management Act (FISMA)
    • Sarbanes-Oxley The Sarbanes-Oxley Act of 2002 (SOX)
    • The Payment Card Industry Data Security Standards (PCI-DSS)
    • The Family Educational Rights and Privacy Act (FERPA)
    • The Financial Services Modernization Act of 1999 (GLBA)
    • Federal Bureau of Investigation’s Criminal Justice Information Services standard (CJIS)
    • Internal Revenue Service Publication 1075
    • Medicaid Information Technology Architecture (MITA) Maturity Model (MMM)
    • Statement on Standards for Attestation Engagements (SSAE) No. 16
    • NIST Special Publication Series 800, Computer Security
    • NIST Special Publication Series 1800, Cybersecurity Practice Guides
    • NIST Special Publication Series 500, Computer Systems Technology

  • Program and Project Management. Nerthus provide project management services that leverages our diverse and deep programmatic and technical knowledge, experience and best practices.  We offer both complete project lifecycle management to single phase tactical execution.  Complex and high risk projects are our specialty.

  • Independent Verification and Validation (IV&V).  In alignment with IEEE Std-1012 and ISO/IEC 15939, Nerthus brings its exceptional knowledge of the verification and validation process, technology and technical implementation, compliance and best practices to our IV&V activities.  We work proactively with our clients to understand the organization’s goals, timelines and budget which we integrate into our activities.  Nerthus is very different from other IV&V providers in that we supply our clients with specific, timely, often immediate feedback, so that changes can be made timely to reduce rework, schedule slippage and costs as well as other negative project impacts.  We embrace the term value engineering n that our IV&V services are not a mandate but a value oriented service.

  • Information Technology Research and Development. We offer information technology research and development services to help our clients gain competitive advantage.  We work to identify the approach methodologies, scientific support and tools to solve our clients’ challenges.