Technology for Energy, Cybersecurity & AS9100 Oh My!

"We anticipate the benefits will continue to happen for the next few years. These services will help us maintain DOD contracts and help us in new markets and ultimately an increase of $10M/year for us is possible."
— Tim Smith, Project Engineering Manager

About

Technology for Energy Corporation (TEC) is a manufacturer of diagnostic instruments for multiple industries including the aviation, electric power, nuclear, and materials testing industries and is located in Knoxville, Tennessee. The company has approximately 50 employees and most are located in the Knoxville office, with a handful in a Huntsville, Alabama, location. TEC’s entire staff is involved in customer communication from product development to delivery and beyond. All TEC instruments are designed and built by the employee-owners of the company.

The Challenge

The client needed to establish a quality management system that adhered to the AS9100D standard to continue to serve clients in the defense and aerospace markets and to seek out and serve new clients in this market as well. This part of the engagement with TEC was led by TEC’s Tim Smith, a key project engineering manager. TEC turned to Tennessee MEP, part of the MEP National Network™, for help.

MEP's Role

The Tennessee MEP team performed a NIST Cybersecurity Framework for Manufacturers Gap assessment. This framework included assessment project-planning and management, a review of the NIST gap assessment methodology and establishment of milestones. A cybersecurity remediation project followed to assist with compliance to the Department of Defense DFARS 252.204-7012 and NIST 800-171 Interim Rule Gap Assessment.

The cybersecurity assessment and remediation projects resulted in compliance portal configuration and assignment of roles, the deployment of network scanning tool along with an initial scan for evidence collection. Worksheets and forms were created and delivered to address policy, process and evidence documentation. Subsequently guidance and consultation services were provided related to the assessment. This led to an additional cyber security remediation project which focused on improving communications protection, configuration management and access control.

The key deliverable for the AS9100D Gap assessment were the key steps required to gain AS9100D certification. The key resulting deliverables of the cybersecurity project were a NIST auditor checklist, a risk analysis, a risk treatment plan, evidence of compliance, a policies and procedures template, an application and asset inventory, and an external vulnerability scan report, along with supporting worksheet and forms. The client also received access to the compliance portal for 60 days. Guidance and assistance were provided to help bring TEC into compliance in the key areas of communications protection, configuration management and access control. 

How Can We Help You?

We use a consultative approach to assess your situation, understand your problems and learn about your operation. We take a deliberate and methodical approach to customize a solution that is based on proven processes. We are not selling software or products, so we can help you find the right vendors. We can direct you to other appropriate resources. 

We have helped companies like yours. How can we help you? 

Request Free Consultation