FISMA Principles and Best Practices: Beyond Compliance / Edition 1

FISMA Principles and Best Practices: Beyond Compliance / Edition 1

by Patrick D. Howard
     
 

ISBN-10: 1420078291

ISBN-13: 9781420078299

Pub. Date: 04/19/2011

Publisher: Taylor & Francis

While many agencies struggle to comply with Federal Information Security Management Act (FISMA) regulations, those that have embraced its requirements have found that their comprehensive and flexible nature provides a sound security risk management framework for the implementation of essential system security controls. Detailing a proven approach for establishing

…  See more details below

Overview

While many agencies struggle to comply with Federal Information Security Management Act (FISMA) regulations, those that have embraced its requirements have found that their comprehensive and flexible nature provides a sound security risk management framework for the implementation of essential system security controls. Detailing a proven approach for establishing and implementing a comprehensive information security program, FISMA Principles and Best Practices: Beyond Compliance integrates compliance review, technical monitoring, and remediation efforts to explain how to achieve and maintain compliance with FISMA requirements. Based on the author's experience developing, implementing, and maintaining enterprise FISMA-based information technology security programs at three major federal agencies, including the U.S. Department of Housing and Urban Development, the book gives you workable solutions for establishing and operating an effective security compliance program. It delineates the processes, practices, and principles involved in managing the complexities of FISMA compliance. Describing how FISMA can be used to form the basis for an enterprise security risk management program, the book:
• Provides a comprehensive analysis of FISMA requirements
• Highlights the primary considerations for establishing an effective security compliance program
• Illustrates successful implementation of FISMA requirements with numerous case studies Clarifying exactly what it takes to gain and maintain FISMA compliance, Pat Howard, CISO of the Nuclear Regulatory Commission, provides detailed guidelines so you can design and staff a compliance capability, build organizational relationships, gain management support, and integrate compliance into the system development life cycle. While there is no such thing as absolute protection, this up-to-date resource reflects the important security concepts and ideas for addressing information security requirements

Read More

Product Details

ISBN-13:
9781420078299
Publisher:
Taylor & Francis
Publication date:
04/19/2011
Edition description:
New Edition
Pages:
345
Product dimensions:
6.30(w) x 9.20(h) x 1.00(d)

Table of Contents

Introduction
Analysis of the Federal Information Security Management Act (FISMA)
Principles of FISMA Reporting

Managing FISMA Compliance
Management Support
The Information Security Organization
Staffing Considerations
Program Planning
Developing Policy and Guidance
Training and Awareness
Audit Liaison
Monitoring Mechanisms
Life-Cycle Issues
Outreach

Summary

Appendices:
The FISMA Legislation
OMB FISMA Reporting Guidelines
OMB FISMA FY10 Reporting Questionnaires
Consensus Audit Guidelines
Bibliography

Index

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >