• (775) 229-4254
  • support@itmsnv.com

What you need to know about FISMA.

What is the Federal Information Security Management Act (FISMA)?

The Federal Information Security Management Act of 2002 (FISMA) assigns certain responsibilities to U.S. government agencies to ensure the confidentiality, integrity, and availability of federal government data. The act requires program officials to conduct annual reviews of information security programs. However, as of September 2012, the Office of Management and Budget (OMB) requires monthly data feeds to be sent to its CyberScope application portal.

Several publications from the National Institute of Standards and Technology (NIST) provide guidance on FISMA compliance, including the use of Security Content Automation Protocol (SCAP)-compliant vulnerability management (VM) solutions to facilitate FISMA reporting. The following four publications are particularly relevant to VM and continuous network monitoring solutions:

  • NIST 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems
  • NIST 800-53: Recommended Security Controls for Federal Information Systems and Organizations
  • NIST 800-128: Guide for Security-Focused Configuration Management of Information Systems
  • NIST 800-137: Information Security Continuous Monitoring for Federal Information Systems
