Success Stories

Written by xScion
on June 23, 2020


Identifying, Remediating and Preventing IT Risks


The nation’s largest hospital system, the Department of Veteran Affairs (VA), is implementing its Continuous Readiness in Information Security Program (CRISP), which is designed to reduce information security risks across the VA enterprise infrastructure.

xScion supports CRISP’s goals across the nation to:

  • Help the VA identify and mitigate existing security vulnerabilities and weaknesses
  • Conduct vulnerability assessments and support VA contingency plans to address potential IT security threats
  • Provide operational infrastructure enhancements under the VA’s direction
  • Support the VA’s effort to accelerate compliance with data privacy and information security regulations
  • Improve communication and coordination between IT teams across the VA

As part of the VA’s CRISP, xScion supports the IT security vulnerability remediations of thousands of virtual and physical systems across the VA enterprise infrastructure.


Enterprise Predictive Scans

xScion helps ensure the VA’s internal databases are compliant and secure, including:

  • Daily assessments and patch deployments as needed on systems and COTS applications to ensure the strongest and most up-to-date security posture
  • Coordination of security hardening for specialized applications including site approvals and/or vendor communication to eliminate risk of system or application outages


Onsite Audits

xScion helps the VA facilities and hospital locations within each region prepare for Office of Inspector General (OIG) audits, ensures onsite compliance on all systems and devices within local departments, and expedites mitigation for any areas needing remediation.

  • Assists with preparatory efforts for inspection locations to determine all vulnerabilities per site, organizational branch and department within each site
  • Documents and performs remediations for all findings within expedited time constraints of the audit
  • Develops Plan of Action and Milestones (POAMs) for any unresolvable findings



xScion helps ensure the VA achieves and remains compliant with HIPAA, FISMA, NIST and internal regulations for PII/PHI.

  • Assesses internal dashboard daily to identify and remediate Top 100 servers with highest levels of vulnerabilities
  • Ensures compliance against prohibited, unapproved and unauthorized software with removals or software updates for any issues identified
  • Assists with the elimination of unsupported Windows 2000/2003 systems


Download Success Story


You may also like:

Healthcare Agile Cloud Risk Management

Quality Assurance Using Behavior-Driven and Test-Driven Development

Verifiable Acceptance Criteria Met with 90% Reduction in Product Delivery Times A large Health Payer sought to increase ...

Agile Nonprofits Product Management Cloud BPM

Agile Product Management Transformation

IT and Business Functions Shift Focus to Value Streams from a Project Mindset A global pharmaceutical non-profit sought ...

Nonprofits Cloud BPM

Data Architecture Definition and Design

Developed Data Management and Governance Processes to Prepare Existing Data for New Automation Tools A global nonprofit ...