• (775) 229-4254
  • support@itmsnv.com


What you need to know about FISMA.

What is the Federal Information Security Management Act (FISMA)?

The Federal Information Security Management Act of 2002 (FISMA) assigns certain responsibilities to U.S. government agencies to ensure the confidentiality, integrity, and availability of federal government data. The act requires program officials to conduct annual reviews of information security programs. However, as of September 2012, the Office of Management and Budget (OMB) requires monthly data feeds to be sent to its CyberScope application portal.

Several publications from the National Institute of Standards and Technology (NIST) provide guidance on FISMA compliance, including the use of Security Content Automation Protocol (SCAP)-compliant vulnerability management (VM) solutions to facilitate FISMA reporting. The following four publications are particularly relevant to VM and continuous network monitoring solutions:

  • NIST 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems
  • NIST 800-53: Recommended Security Controls for Federal Information Systems and Organizations
  • NIST 800-128: Guide for Security-Focused Configuration Management of Information Systems
  • NIST 800-137: Information Security Continuous Monitoring for Federal Information Systems


Client Testimonials

It is my pleasure to comment on my relationship with Mark and on the work he has done for me over the past few years. Basically, there are few service providers (of any type) who are as committed, honest, diligent and patient as Mark Albin. For me the recent experience of totally converting/updating my office was a fantastic one primarily due to Mark’s abilities. As you can tell, I would recommend his services without hesitation.

Jennifer Q.
Reno, Nevada