FISMA (Federal Information Security Management Act)
FISMA is the Federal Information Security Management Act. The FISMA Implementation Project was established in early 2003 to develop a set of key security guidelines and standards required by Congressional legislation. These publications are FIPS 200 and FIPS 199, together with NIST Special Publications 800-59, 800-53, and 800-60.
The development of additional security guidance materials supports the project but is not directly required by the FISMA legislation. These publications are NIST Special Publications 800-53, 800-53A, and 800-37. The Computer Security Division continually produces other security guidelines and standards to support the FISMA project.

The FISMA project aims to create the following:
- Minimum security standards for information and information systems
- Standards for categorizing information and information systems by mission impact
- Guidelines for assessing security controls in information systems and determining the effectiveness of those controls
- Guidelines for determining suitable security controls for information systems
- Guidelines for the certification and accreditation of information systems

Through these goals, the FISMA project's developers seek to achieve the following:
- Establishing levels of security due diligence for federal agencies and the contractors that support the federal government
- Implementing risk-based and cost-effective information security control measures
- Attaining greater consistency in workable assessment procedures for security control measures
- Achieving greater consistency in the application of security control measures throughout the federal government's information technology infrastructure
- Developing reliable and comprehensive authorization standards for those who seek to make well-informed security accreditation decisions
- Promoting enterprise-wide knowledge management of mission risk based on information system control measures




