This chapter provides an overview of the Federal Information Security Modernization Act. It also gives a detailed review of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) through an in-depth examination of each of the steps in the NIST RMF process.
FISMA; NIST; RMF; security assessment report; security; risk management
Information in this chapter:
• Introduction to FISMA
• Risk Management Framework Overview
• NIST RMF Process
The Federal Information Security Modernization Act (FISMA)1 was signed into law on December 18, 2014 in Public Law 113-283. FISMA 2014 extended the provisions of FISMA 2002, which permanently reauthorized ...