Security Threat Advisory
Looking Glass
FireEye
Governance Risk and Compliance
Governance / Risk / Compliance
Strategic Consulting
ADSIC
FISMA
ISO 20000 ITSM
ISO 22301 BCMS
ISO 27001 ISMS
PCI DSS
Information Security Review

Data & App Security

Database Security & Protection Data Encryption & Control Enterprise Digital Rights Management Data Vulnerability Assessment Application Protection Vulnerability Assessment & Penetration Testing Web Application Firewall Data Governance

Network Security

Network Access Control Next Generation Firewall Email Security Network IPS Web Gateway Next Generation APT Next Generation DDoS Mitigation Smart DDI

Security Operation & Response

Governance Risk & Compliance Cyber Security Transaction Monitoring Compromised Card Monitoring Incident Response & Orchestration Encrypted Calls and Messaging Travel Risk Management & Crisis Avoidance Anti Phishing Services

User Security

Identity Management Single Sign On Two Factor Authentication Privileged User Password Management Insider Threat Management Endpoint Security Management Endpoint Detection & Remediation Employee Monitoring Tool

Infrastructure Security

Virtual Security SCADA Security Mobile Device Management Public Key Infrastructure Certificates

Policy & Compliance Management

NETconsent Compliance Suite File Integrity Monitoring, Network Configuration, and Compliance

Overview

(FISMA ) Federal Information Assurance Management Act Background
The National Institute of Standards and Technology (NIST) was tasked to formulate and publish standards for all federal agencies to follow when developing information security policy and procedures. NIST produced FISMA to standardize a process for IT security policy development focused on government operations. FISMA requires each U.S. government agency to develop, document and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. Each phase in the FISMA security certification and accreditation process consists of a set of well-defined tasks and sub tasks that are to be carried out, as indicated, by responsible individuals (e.g., the Chief Information Officer, authorizing official, authorizing official's designated representative, senior agency information security officer, information system owner, information owner, information system security officer, certification agent, and user representatives).

The FISMA encompasses multiple such standards and guidance geared completely toward supporting FISMA reporting requirements.

The key aspects of this program are as follows:

Standards for categorizing information and information systems by mission impact
Standards for minimum security requirements for information and information systems
Guidance for selecting appropriate security controls for information systems
Guidance for assessing security controls in information systems and determining security control effectiveness
Guidance for certifying and accrediting information systems

Highlights of our FISMA compliance Service

Identifies gaps in your agency's security program and FISMA reporting
Provides detailed recommendations for remediating or maintaining compliance
Dedicated resources help allow your agency team members to focus on business issues rather than security matters
Designed to improve compliance and security by implementing appropriate solutions

The Federal Information Security Management Act was first enacted in 2002 as part of the Electronic Government, also known as E-Government, Act. Among other reasons, the E-Government Act was created to allow enhanced access to government information and services. However, this increase in access requires an increase in security, hence the FISMA.

FISMA is mandatory for almost all tier-1 companies that could enhance your network's security and increase your compliance..