Chapter 2

Federal Information Security Fundamentals

Information in this chapter:

• Information Security in the Federal Government

• Government Sector-specific Practices

• History of Information Security Legislation and Other Drivers

• Certification and Accreditation Methodologies

• Organizational Roles and Responsibilities

Organizations implement security to protect assets, where an asset is anything of value owned by or under the control of an organization. Assets comprise both tangible property and intangible items or resources, notably including information; the discipline of information security protects information assets from loss or harm. The practices and protective mechanisms organizations put in place to safeguard their information assets ...

Get FISMA and the Risk Management Framework now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.