FISMA Management: Getting Value from Compliance  
  SEARCH: Sign In | Register | Contact Us | Site Map | Home  

White Papers for Federal Information Security Management Act (FISMA)

FISMA Management: Getting Value from Compliance

CA

The Federal Information Security Management Act of 2002 (FISMA) was written to enforce good information assurance practices. You would therefore expect to find a large overlap between what your agency is required to do under FISMA, and what you would have done anyway as a matter of best practice. In general, this is true, and most of the activities required for FISMA compliance help make your agency more secure.
The primary disconnect between compliance and security comes from the reporting requirements under FISMA. The FISMA reports are necessary for the Office of Management and Budget (OMB) and Congress to fulfill their oversight functions. Unfortunately, FISMA reports do not contain enough information to support the day-to-day security operations of your agency. This paper offers an approach to FISMA management that provides the information you need to manage your agency’s Information Assurance (IA) program and to automate compliance with FISMA reports.

View the White Paper



Share or bookmarklet this web page at:



Google
Privacy Policy | Terms & Conditions | Support | Directory Links | Contact Us | Site Map | Home
Copyright © 2007-2008 ComplianceHome.com. A SUPREMUS GROUP venture. All rights reserved.