Book description
The only book that instructs IT Managers to adhere to federally mandated certification and accreditation requirements.This book will explain what is meant by Certification and Accreditation and why the process is mandated by federal law. The different Certification and Accreditation laws will be cited and discussed including the three leading types of C&A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a C&A project. The next section to the book illustrates addressing security awareness, end-user rules of behavior, and incident response requirements. Once this phase of the C&A project is complete, the reader will learn to perform the security tests and evaluations, business impact assessments system risk assessments, business risk assessments, contingency plans, business impact assessments, and system security plans. Finally the reader will learn to audit their entire C&A project and correct any failures.
* Focuses on federally mandated certification and accreditation requirements
* Author Laura Taylor's research on Certification and Accreditation has been used by the FDIC, the FBI, and the Whitehouse
* Full of vital information on compliance for both corporate and government IT Managers
Table of contents
- Cover image
- Title page
- Table of Contents
- VISIT US AT
- Copyright
- Acknowledgments
- Author
- Contributing Author
- Technical Editor
- Foreword
- Preface
- Chapter 1: What Is Certification and Accreditation?
- Chapter 2: Types of Certification and Accreditation
- Chapter 3: Understanding the Certification and Accreditation Process
- Chapter 4: Establishing a C&A Program
- Chapter 5: Developing a Certification Package
- Chapter 6: Preparing the Hardware and Software Inventory
- Chapter 7: Determining the Certification Level
- Chapter 8: Performing and Preparing the Self-Assessment
- Chapter 9: Addressing Security Awareness and Training Requirements
- Chapter 10: Addressing End-User Rules of Behavior
- Chapter 11: Addressing Incident Response
- Chapter 12: Performing the Security Tests and Evaluation
- Chapter 13: Conducting a Privacy Impact Assessment
- Chapter 14: Performing the Business Risk Assessment
- Chapter 15: Preparing the Business Impact Assessment
- Chapter 16: Developing the Contingency Plan
- Chapter 17: Performing a System Risk Assessment
- Chapter 18: Developing a Configuration Management Plan
- Chapter 19: Preparing the System Security Plan
- Chapter 20: Submitting the C&A Package
- Chapter 21: Evaluating the Certification Package for Accreditation
- Chapter 22: Addressing C&A Findings
- Chapter 23: Improving Your Federal Computer Security Report Card Scores
- Chapter 24: Resources
- FISMA
- OMB Circular A-130: Appendix III
- FIPS 199
- Index
Product information
- Title: FISMA Certification and Accreditation Handbook
- Author(s):
- Release date: December 2006
- Publisher(s): Syngress
- ISBN: 9780080506531
You might also like
book
CCNA®: Cisco® Certified Network Associate: Fast Pass, Third Edition
Organized by exam objectives, this is a focused, concise review guide that works hand-in-hand with any …
book
Physical Security and Safety
How-To Guide Written By Practicing Professionals Physical Security and Safety: A Field Guide for the Practitioner …
book
CCSP Official (ISC)2 Practice Tests
The only official CCSP practice test product endorsed by (ISC)² With over 1,000 practice questions, this …
book
FISMA Compliance Handbook
This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook …
