Empowering Enterprise Risk Management
Members of
Empowering Enterprise Risk Management
Chris Hagenbuch is a Principal at CANDA Solutions, a software and services firm specializing in industrial security, insider threat, continuous vetting, and counterintelligence, as well as Investigations management. CANDA’s flagship product Fresh Haystack has been proven to increase billable revenue by 60% and cut expenses by 40% when implemented throughout the hiring cycle of the Defense Industrial Base contractors. Chris’s subject matter expertise is sought after for insider threat, continuous vetting, and investigative analysis.
This knowledge was built while spending 20 years supporting law enforcement, threat assessment, background investigation and credentialing programs within DHS (such as Registered Traveler, TWIC, HME, FFDO, Aviation Workers, TSA Personnel Security, Federal Air Marshals, US-Visit and The US Secret Service), and over 25 years providing project, program, and portfolio management services with direct P&L to $250M. He has a Bachelor of Arts in Engineering from Lafayette College and a Executive Education Certificate of Finance From the Wharton School
Known for his work and presentations regarding Agile system delivery, identity management, information assurance, vetting and credentialing practice areas, his experience spans across consumer, corporate, and government areas. A leading security expert, Hagenbuch has been engaged in various working groups, participated in publications, provided speaking engagements and lectures, and received several awards.
Principal of CANDA Solutions, LLC, Andrew Razumovsky is responsible for the systems’ delivery, operations, and business development efforts. Mr. Razumovsky brings more than 22 years of total industry experience of computer based business applications, data warehouse, databases development, customer support using various operation systems, tools, and hardware platforms.
With over 15 years of extensive experience as an information technology specialist with focus on risk and threat assessment, law enforcement and case management programs, Mr. Razumovsky has advised major US government clients such as Dept. of Defense, Dept. of Justice, State Department, NASA and the Department of Homeland Security. He has a concentration in the persistent challenges of security focused Human Capital and Enterprise Risk. Razumovsky’s vast experience, including working with IBM, Arbitron and CommerceOne, paves the way for Fresh Haystack, the next generation risk focused case management solution. He is an acknowledged expert in the development of innovative solutions for database, credentialing, security systems, and Agile delivery.
His main focus areas at CANDA are Enterprise Risk Management, Product Innovation and Business Development driving customer acquisition resulting in significant growth for the company and industry awards.
Mr. Razumovsky currently serves on INSA (Intelligence and National Security Alliance) Security Policy Reform Council (SPRC). Andrew is giving back to community as a board member of the Associated – Jewish Federation of Baltimore and Jewish Community Services (JCS).
Mr. Razumovsky earned a Master of Science degree in Applied Mathematics from the Tbilisi State University and received a Certificate of the Management Excellence at Harvard Business School.
Paul Perkins joined CANDA solutions in 2020 as the SVP of Sales focused on growing the business, revenue & the team for the Fresh Haystack Enterprise Industrial Security solution as well as the CARES (Continuous Adaptive Risk Evaluation solution).
Paul focuses on Federal, State & Local Governments, Higher Education and the Commercial market for CANDA as well as growing our partner community both technology and VAR. Paul has practiced in the Cyber Security solution market for over 20 years and joins CANDA Solutions with experience in both sales & sales leadership with companies such as Unisys, IBM, Dell and Bit9.
While at Unisys Paul led a team of experienced sellers and sales engineers focused on all of the public sector security sales efforts & the Stealth solution, Paul was able to grow revenue by over 200% and the partner community by over 300%. At IBM Paul was a leader in taking the standard IBM Security suite of solutions and converting them to a SaaS offering focused on the Federal, SLED and commercial markets, growing revenue by 300% and the partner community by over 500%.
Mr. Leonard has extensive experience delivering information technology consulting services for government and commercial clients. Demonstrated management success in leading teams to deliver mission critical, high-quality, enterprise solutions and achieving outstanding customer satisfaction ratings.
Chris has considerable experience with a variety of technologies including systems architecture, design, and full life cycle system development including Agile methodologies and DevSevOps. He has project management experience at the project and program management level including full P&L and business development responsibilities.
Andy has extensive experience in Federal and Commercial Business Development, Capture, and Customer Account Management. He brings a track record of successful business acquisition within ultra-competitive market environments. Andy is seen by his co-workers, customers, and partners as a leader with high integrity and driven to achieve results.
At CANDA, Andy’s focus is on the alignment of the Federal and Commercial Business Development, Direct Sales, Channel Sales & Marketing. Andy works closely between our product teams, the market, and industry as we look to continue developing new avenues of business growth.
CANDA team members led efforts to achieve Certification and Accreditation (C & A) for five (5) separate systems for the United States Coast Guard, as a part of the DHS. We worked extensively with the Risk Management System (RMS) and Trusted Agent FISMA (TAF) tools to rapidly provide C & A results in accordance with the DHS/NIST standards. In order to receive an Authorization Letter to Operate, our team successfully completed the following documents:
The National Coordination Office (NCO) for Networking and Information Technology Research and Development (NITRD) supports the planning, budget, and assessment activities for the Federal government’s NITRD program.
CANDA Solutions implemented a nimble and elegant Certification and Accreditation (C & A) solution program for the NCO. Managing and performing security authorization, security testing, and security evaluation tools, processes, and procedures, our rapid C & A Methodology, honed within DHS, provides repeatable and measured value from day one.
We took a total assessment of the office and worked to define a usable security program with the client mission in mind that included new policies, procedures, a program handbook, checklists, and other job aides, as well the full set of C & A artifacts. The project was completed early and under budget.
Our certified, professional staff offers decades of DHS systems and C & A experience, which, combined with our experienced Program Managers (PM)—all of whom are certified PMPs, CISSPs, and CAPs—brings to the table a comprehensive understanding of the C & A process and the ability to support your project.
Scryptions International software for the health care industry allows secure and accurate dictations to be transferred in just seconds. They offer the ability to transfer files and transcribe dictations, all in a password-protected environment that is secure and HIPAA Compliant.
Scryptions medical records management demands tracking and storing medical transcription information in their system that saves time and space by storing medical transcriptions on a secure server and providing multiple search and retrieval functions.
CANDA resolved a MySQL performance bottleneck challenge they encountered with PHP website, database transactions management, persistence layer, and database server configuration, all of which improved the scalability of the system.
As part of the Department of Homeland Security (DHS), the Transportation Security Administration (TSA) secures the nation’s airports and screens all commercial airline passengers and baggage. We led and delivered multiple projects to the TSA:
US-VISIT supports the DHS by providing biometric identification services that help federal, state, and local government decision makers accurately identify the people they encounter, and determine whether those people pose a risk to the United States. CANDA Solutions principals managed the team that delivered incremental support to the US-VISIT Validation Service, supporting the validation of ePassports for travelers from around the world.
Domestic Nuclear Detection Office (DNDO) is a jointly staffed office within the DHS. CANDA Solution’s success within DNDO derived from our ability to provide the technical expertise required to understand how organizations operate, help them set goals, and implement the latest innovations to achieve them. Our experience was critical in supporting and enhancing the capabilities of the Joint Analysis Center Collaborative Information System (JACCIS) program.
The DHS Protected Critical Infrastructure Information (PCII) Program Office is currently administering their system in an initial operating capability (IOC) and has recently procured contractor support to enhance that capability to bring the system to a full operating capability (FOC).
The FOC, as envisioned, needs to fulfill the operating needs of the program today and into the future. The enhanced system is architected in a manner that allows flexibility and adaptability to any scenario that is presented to the office from data providers, consumers, or to meet the internal needs of the program. CANDA Solutions created the SOA blueprint for the new system and is currently leading the development team.
Founded in 1995 as one of the first providers of remote intraoperative neurophysiological monitoring, SpecialtyCare (formerly Sentient Medical Systems) is one of the largest, most sophisticated, and reliable providers of intraoperative monitoring services.
Prospective, case control, and retrospective studies published over the past 20 years attest to the efficacy of intraoperative monitoring. It is considered valuable in the management of orthopedic and neurosurgical patients by many professional organizations, among them the American Academy of Neurology, American Clinical Neurophysiology Society, Scoliosis Research Society, and the American Association of Neuromuscular and Electrodiagnostic Medicine.
We provided a solution that fit their critical needs to offer collection and reporting solutions that are secure and robust. Our web-based data collection and reporting systems offer multiple, simultaneous interactions with the most current data provided, automatic tracking of data status, reporting capabilities, and nightly batch process for invoice generation. The application has been implemented using JBoss, EJB, JSP, Servlets, Oracle 9i, Linux.
Intraoperative monitoring provides a multitude of benefits, including:
Through the Public Health Service, CANDA Solutions helped the Architect of the Capitol in the design, development, and rollout of their Job Hazards Analysis application that is part of their comprehensive Environment Health and Safety program.
The application allows health and safety managers to record, recommend, and analyze all jobs with respect to their potential hazards and adherence-to-safety precautions. The Architect of the Capitol is responsible to the United States Congress for the maintenance, operation, development, and preservation of the United States Capitol Complex, which includes the Capitol, the congressional office buildings, the Library of Congress buildings, the Supreme Court building, the U.S. Botanic Garden, the Capitol Power Plant, and other facilities.
Nielsen (formerly Arbitron), a world leader in radio ratings, came to CANDA looking for solutions to establish IT governance, open source adoption, development process and procedures, capacity planning, code standards, and change control policies. We reengineered and developed various projects:
QinetiQ North America (QNA) delivers technology, services, and solutions for U.S. government and commercial customers. They deliver high quality products and services that leverage detailed mission knowledge and proven, reliable tools and methodologies to meet the rapidly changing demands of national defense, homeland security, and information assurance customers.
CANDA, a QNA partner, has supported and continues to work with their Missions Solutions Group by providing support, insight, and services to various projects: defining solutions architecture, technical proposal writing, and working to support their efforts to ensure the success of their Defense and Civilian Agency customers.
QNA is known for translating complex system specifications into mission solutions and CANDA is committed to deliver the very best in technology and service offerings to support QNA and their mission.
This was our first delivery of full Fresh Haystack functionality in the secure cloud environment. PAE’s Security team now uses multi-factor authentication to access all the features of the Enterprise Industrial Security Suite including SCI, Collateral and Suitability & Public Trust workflows, Integration with Workday, and they are looking forward to achieve efficiencies and productivity gains by using the modern case management system.
Promoting Security Shared Services Center will enable CACI to centralize key functions of the security program that spans across the company. Fresh Haystack was selected to create efficiencies in the business process and to provide the Security team, Program Managers, and Employees with the tools, information, integrations with internal systems, and capabilities that didn’t exist in the past.
A productive, easy to use, and adaptable case management platform increases in value when processes can be implemented rapidly. ManTech decided to use Fresh Haystack, which was successfully delivered using Agile methodology against a long list of business and security requirements – not surprising for a company that has a multitude of different US Government customers.
Booz Allen Hamilton has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe.
Nurturing the strategic know-how and potential of the distributed workforce, so that everyone can gain efficiencies and contribute to a successful customer engagement, has always been a key differentiator for Booz Allen. However, as security requirements evolve and policies change, the firm must find new tools to help its employees succeed and deliver to its shareholders. Booz Allen turned to CANDA Solutions’ Fresh Haystack, a platform of cloud-based case management, workflows, automation, and integration solution for complex business case processing.
All of its cleared employees use the SMART (powered by Fresh Haystack) case management tool to foster productivity and efficiency and achieve major cycle time reduction for complex business case processing.
The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) is a unique law enforcement agency in the United States Department of Justice that protects our communities from violent criminals, criminal organizations, the illegal use and trafficking of firearms, the illegal use and storage of explosives, acts of arson and bombings, acts of terrorism, and the illegal diversion of alcohol and tobacco products.
Through the Public Health Service, CANDA Solutions has helped the ATF in the design, development, and rollout of their HEPP Database application that is part of their comprehensive Environment Health and Safety program.
The application allows Fire Investigators to collect sample data from investigation sites and run reports to analyze the data for overexposure issues and look at trends in the use of protective equipment.
The Department of Justice (DOJ) enforces the law and defends the interests of the United States. It ensures public safety against threats—both foreign and domestic—and provides federal leadership in preventing and controlling crime, seeking just punishment for those guilty of unlawful behavior. The DOJ ensures fair and impartial administration of justice for all Americans.
The DOJ’s Legal Information Office Network System (LIONS) is a database with online capabilities which permits the USAOs and EOUSA to compile, maintain, and track information relating to defendants, crimes, criminal charges, court events, and witnesses, used by the Executive Office for United States Attorneys (EOUSA) division to manage and maintain information supplemental to legal education, policy development, and coordination with the DOJ and other federal agencies.
LIONS was established to track cases and matters which are presented to and/or pursued by the USAOs. LIONS serves as a day to day management tool as well as a litigation aid and a review tool. By allowing the USAOs and EOUSA to summarize and analyze the cases pending and completed, the USAOs and EOUSA can more efficiently promote the interests of the United States government.
CANDA’s decomposition effort of the Case Management system included a review of the code, database, and existing documentation for the LIONS system. We prepared and submitted a white paper to executive management highlighting the system status, including a path to upgrade from outdated and obsolete technology. Based on all that, we proposed a solution and showed the benefits of the suggested architecture.
The Federal Air Marshal Service (FAMS) is a United States federal law enforcement agency under the supervision of the Transportation Security Administration (TSA) of the United States Department of Homeland Security (DHS).
“The Air Marshal Service is meant to promote confidence in civil aviation by effectively deploying federal air marshals (FAMs) to detect, deter, and defeat hostile acts targeting the United States.”
CANDA Solutions led the technical implementation of the IBM’s MAXIMO solution for the FAMS Warehouse Management System. The system was based on the customization and configuration of the MAXIMO Asset Management System and was implemented to track consumable information for the Atlantic City Warehouse.
CANDA Solutions led the technical transition as well as the implementation of the Kennedy Space Center (KSC) Engineering Support Contract (ESC) for the National Aeronautics and Space Administration (NASA). We helped to build a suite of program management, engineering, and work control software services for the execution of the QKESS program.
QKESS is an information hub and collaboration portal, which forms the program Management Information System (MIS) backbone and is the branding term for the consolidated set of the MIS requirements. It also provides a means of data transport for users assigned to the KSC directorate and its partners on the ESC contract.
QKESS encompasses a variety of programmatic and administrative applications. Every ESC team member uses this integrated administrative information system. Applications within QKESS support numerous functional areas, including content management and collaboration, work control, asset management, ESC Service Desk, schedule management and Earned Value Management (EVM), risk register and risk management services, task order life cycle management services, hireling life cycle services, decision support, and our prime contractor (team QinetiQ North America) business and financial services.
QKESS provided the ESC program with the tools to improve business processes which increased efficiency, effectiveness, reliability, and cost-savings for the Government.
The Department of State (DOS) Passport Records Imaging System Management (PRISM) manages archived images of passport applications for United States passports. Used on-site at passport agencies, PRISM is a digital imaging system that scans and stores information in an easily retrievable format.
This high speed document imaging system is capable of scanning, cataloging, and archiving passport documents in a central data repository. CANDA provided support and solutions:
Finra description