Student Loan Collector Becomes FISMA Certified


Regional Adjustment Bureau, Inc. (RAB), a leading provider of student loan collection services to guaranty agencies and universities, has announced that it has received third-party certification of its compliance with the Federal Information Systems Management Act (FISMA) from Crimson Security. This certification reinforces the overall quality, management, and data security assurance RAB offers clients, which also includes Standards for Attestation Engagements (SSAE) No. 16 certification, International Organization for Standardization (ISO) certification 27001:2005, and Payment Card Industry (PCI) certification.

FISMA is the information security standard used by Federal agencies, including the U.S. Department of Education (ED). Compliance with FISMA is therefore also required of ED’s Private Collection Agencies (PCAs). FISMA provides “a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support Federal operations and assets.” RAB’s certification verifies its completion of activities related to the following:

  • Privacy Impact Assessment
  • Privacy Threshold Analysis
  • Business Impact Analysis
  • Configuration Management Plan
  • Contingency Plan
  • Disaster Recovery & IR Plans
  • System Boundaries
  • System Security Plan
  • Self-Assessment Reporting
  • POAM Reporting

RAB Executive Vice President Bob Pugh stated, “Knowing Crimson has also provided the same services to PCAs now working for ED, I am confident our systems infrastructure provides a level of security that should encourage all potential clients, including the Federal government, to consider RAB as a potential partner.”


Posted in Data Security, Debt Collection, Department of Education Collections, Student Loan Collections.


Continuing the Discussion


  • Mike Nelson says:

    Congratulations! Other than the fact that there is no such thing as the Federal Information “Systems” Management Act and there is no such thing as “FISMA Certified.” Under the NIST Risk Management Framework, compliance to FISMA is constituted in achieving an Authority To Operate.
