CymSTAR has attained unparalleled success through a strategy built upon:
- A Business Paradigm centered around customer satisfaction, motivated employees, and investor satisfaction. CymSTAR retains a high number of our engineering and management personnel with an extremely low turnover rate.
- A Keen Focus on Core Competencies in systems integration, training device modifications, new trainer development & production, and Training Systems (TS) support services.
- A Strong Concentration on Military Customers as a supplier to Government and Prime Contractors, or as a Small Business Indefinite Delivery/Indefinite Quantity (ID/IQ) Prime Contractor.
- Maximum use of commercial off the shelf (COTS) products and open system designs with unlimited rights on all elements we develop.
- Routine employment of Firm Fixed Price (FFP) contracts exemplifying CymSTAR’s confidence in our capability to perform on time, every time.
CymSTAR’s company values are to exceed customer expectations, take ownership of problems, and provide transparency.
CymSTAR’s success is due to the small business strengths of a flat structure, low overhead, and a high customer commitment. We empower interdependent teams with delegated decision-making authority, accountability for results, and rewards for achievement. A sample of our robust management processes IAW IEEE Std 12207:2008 and other industry standards include:
- Schedule Management is guided by a detailed, tailored Integrated Master Plan (IMP) and/or Integrated Master Schedule (IMS).
- Risk Management processes developed with reference to the Defense Acquisition University (DAU) Risk Management Guide for DOD Acquisition, Sixth Edition, Version 1.0, August 2006.
- Configuration and Data Management (CM/DM) processes developed IAW ANSI/EIA-649, ISO-10007, and ANSI/EIA-836.
- Change Management IAW MIL-HDBK-61A.
- Quality Management System (QMS) procedures and processes IAW ISO 9001:2008, independently certified by World Certification Services LTD.
- Subcontractor & Vendor Management for partnerships with reputable subcontractors IAW FAR 52.219 Limitations on Subcontracting.
- To deliver training systems that are compliant with Cybersecurity requirements, CymSTAR develops a risk based Security Plan aligned with the training system specifications and customer requirements. The security plan focuses on risk factors and works to develop a persistent state of high enterprise cybersecurity readiness.
- The certification status of CymSTAR’s Cybersecurity workforce as described in DoD 8570.01-M is currently Information Assurance Technical (IAT) Level III.
- We currently have Authority To Operate (ATO) in a Defense Security System (DSS)-approved, CLOSED area within our facility based on our current programs’ DD 254 and “need-to-know” basis.
- Following the IAW DoD 5220.22-M National Industrial Security Program Operating Manual (NISPOM) and the Defense Security System Assessment and Authorization Process Manual (DAAPM) V1.1, CymSTAR implements a Standard Practice Procedure (SPP) manual obligating all authorized personnel to safeguard Government-furnished and contract-developed materials and to apply these provisions within the training system program.
- Financial Management to sustain a stable business with controlled and profitable growth since our inception. We have ample cash reserves, ZERO debt, a Defense Contract Audit Agency (DCAA)-approved accounting system and methodology compliant with FAR Cost Accounting Standards (CAS).
- Software Development processes based upon the principles of IEEE/EIA 12207.0-IEEE/EIA 12207.2.
- Test and Evaluation (T&E) program IAW DoDI 5000.02 Encl. 6 “Integrated T&E” and the Defense Acquisition Guidebook (DAG) Chapter 9 “Integrated Test and Evaluation”. Our approach includes early prototyping, Hardware/Software Integration (HSI), and Deficiency Report (DR) clearance.
- Cybersecurity/Information Assurance (IA), including Department of Defense Information Assurance Certification and Accreditation (DIACAP) and Risk Management Framework (RMF), plans and processes IAW DoD 8510.1 Risk Management Framework for DoD Information Technology (IT) and DoDD 8570.01 Information Assurance (IA) Training, Certification, and Workforce Management.
- CymSTAR’s SPPs include a detailed System Security Plan (SSP) which contains all documented controls and appendices as required in the Risk Management Framework (RMF) process for DoD Information Technology systems as defined in DoDI 8510.01.
- Information Security (IS) specific controls are implemented by determining the risk factors and applying security controls based on those risks in order to ensures cybersecurity compliance throughout the IS development and deployment lifecycle.