Book description
FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems.- Learn how to build a robust, near real-time risk management system and comply with FISMA
- Discover the changes to FISMA compliance and beyond
- Gain your systems the authorization they need
Table of contents
- Cover image
- Title page
- Table of Contents
- Copyright
- Dedication
- Trademarks
- Acknowledgements
- About the Author
- Chapter 1. Introduction
- Chapter 2. Federal Information Security Fundamentals
- Chapter 3. Thinking About Risk
- Chapter 4. Thinking About Systems
- Chapter 5. Success Factors
- Chapter 6. Risk Management Framework Planning and Initiation
- Chapter 7. Risk Management Framework Steps 1 & 2
- Chapter 8. Risk Management Framework Steps 3 & 4
- Chapter 9. Risk Management Framework Steps 5 & 6
- Chapter 10. System Security Plan
- Chapter 11. Security Assessment Report
- Chapter 12. Plan of Action and Milestones
- Chapter 13. Risk Management
- Chapter 14. Continuous Monitoring
- Chapter 15. Contingency Planning
-
Chapter 16. Privacy
- Privacy Requirements for Federal Agencies Under FISMA and the E-Government Act
- Federal Agency Requirements Under the Privacy Act
- Privacy Impact Assessments
- Protecting Personally Identifiable Information (PII)
- Other Legal and Regulatory Sources of Privacy Requirements
- Relevant Source Material
- Summary
- References
- Chapter 17. Federal Initiatives
- Appendix A. References
- Appendix B. Acronyms
- Appendix C. Glossary
- Index
Product information
- Title: FISMA and the Risk Management Framework
- Author(s):
- Release date: December 2012
- Publisher(s): Syngress
- ISBN: 9781597496421
You might also like
book
Building Microservices, 2nd Edition
Distributed systems have become more fine-grained as organizations shift from code-heavy monolithic applications to smaller, self-contained …
book
Head First Design Patterns, 2nd Edition
You know you don’t want to reinvent the wheel, so you look to design patterns—the lessons …
book
Fundamentals of Software Architecture
Salary surveys worldwide regularly place software architect in the top 10 best jobs, yet no real …
book
Hands-On Security in DevOps
Protect your organization's security at all levels by introducing the latest strategies for securing DevOps Key …