Eight Elements of an Effective Plan for FISMA Compliance

Eight Elements of an Effective Plan for FISMA Compliance Complying with FISMA requirements can be tough. It's almost always time consuming, costly, and complex�and for some agencies it seems impossible to achieve. A recent GAO congressional report says that most agencies continue to have security weaknesses in major categories of controls. This puts U.S. economic and national security interests at risk. In fact, with the growing sophistication of security attacks, we've actually seen a dramatic rise in security incidents reported by agencies over the past few years.

If you're one of these agencies that's still struggling to achieve FISMA compliance, maybe it's time to jumpstart your risk management program.

Start by asking the following questions:

  • How do we protect our security boundaries and access points?
  • Which assets are at risk?
  • What should we include in our security incident procedures?
  • What are the expectations of real-time vulnerability alerts?
  • What is the importance of conducting periodic testing and evaluation?
  • Are your business line managers accountable for maintaining the security of their personnel, systems, facilities, and information?

If any of these leave you wondering, a new white paper, Closing the Control Gaps: Eight Elements of an Effective Plan for FISMA Compliance, can help you answer these and other important questions. This important paper from netForensics focuses on eight security practices that are essential to a successful compliance and cyber defense strategy. It discusses how you can leverage your existing technology and tools to identify, assess, and report on security-related issues, information, and events. The paper also offers insight into how you can ultimately provide tangible evidence of your efforts so you can meet FISMA compliance.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.