Our personnel have extensive first-hand experience implementing security in the Risk Management Framework for Department of Defense customers. We have applied the Security Technical Implementation Guides (STIGs) throughout the software and database development life-cycle in the work we have done. We ensure that the Web Servers and Database Servers which we are responsible for are up to date on all their patches and are configured properly to avoid common and not-so-common security pitfalls. We not only have important expertise in the technical aspects of RMF, but we also proficient at maintaining the massive process documentation burden of RMF. We have been involved in the Configuration Control Board process for development of new software systems as well as those in maintenance mode.