Home > Security Definitions - Federal Information Security Management Act
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

Federal Information Security Management Act


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

DEFINITION - The Federal Information Security Management Act (FISMA) defines a comprehensive framework to protect government information, operations, and assets against natural or humanmade threats. FISMA was signed into law part of the Electronic Government Act of 2002.

FISMA assigns responsibilities to various agencies to ensure the security of data in the federal government. The act requires program officials, and the head of each agency, to conduct annual reviews of information security programs, with the intent of keeping risks at or below specified acceptable levels in a cost-effective, timely, and efficient manner. The National Institute of Standards and Technology ( NIST ) outlines nine steps toward compliance with FISMA:

  1. Categorize the information to be protected
  2. Select minimum baseline controls
  3. Refine controls using a risk assessment procedure
  4. Document the controls in the system security plan
  5. Implement security controls in appropriate information systems
  6. Assess the effectiveness of the security controls once they have been implemented
  7. Determine agency-level risk to the mission or business case
  8. Authorize the information system for processing
  9. Monitor the security controls on a continuous basis

LAST UPDATED: 06 Mar 2009

Read more about Federal Information Security Management Act:
- SearchSecurity.com provides links to information about FISMA for security professionals.
- NIST publishes news updates concerning the FISMA Implementation Project.
- Fisma.org provides essential documents as well as questions and answers.


Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com


BROWSE BY TAG
Security Audit, Compliance and Standards,   FISMA,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
DHS fills National Cybersecurity Center post
Former Microsoft executive Philip Reitinger will lead the DHS' cybersecurity operations, filling a post vacated by Rod Beckstrom.
Experts optimistic of Obama cybersecurity plan
Information Security magazine's Michael Mimoso reported on the Obama cybersecurity announcement. He interviewed security experts Howard Schmidt, Paul...
WH cybersecurity plan needs private sector guidance
The job of critical infrastructure protection must include guidance from the private sector to put best practices to work at the federal level.




Get More Federal Information Security Management Act Answers
Find Targeted Federal Information Security Management Act Answers for Channel Professionals
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts