
What you need to know about FISMA.

What is the Federal Information Security Management Act (FISMA)?

The Federal Information Security Management Act of 2002 (FISMA) assigns certain responsibilities to U.S. government agencies to ensure the confidentiality, integrity, and availability of federal government data. The act requires program officials to conduct annual reviews of information security programs. However, as of September 2012, the Office of Management and Budget (OMB) requires monthly data feeds to be sent to its CyberScope application portal.

Several publications from the National Institute of Standards and Technology (NIST) provide guidance on FISMA compliance, including the use of Security Content Automation Protocol (SCAP)-compliant vulnerability management (VM) solutions to facilitate FISMA reporting. The following four publications are particularly relevant to VM and continuous network monitoring solutions:

  • NIST 800-37: Guide for Applying the Risk Management Framework to Federal Information Systems
  • NIST 800-53: Recommended Security Controls for Federal Information Systems and Organizations
  • NIST 800-128: Guide for Security-Focused Configuration Management of Information Systems
  • NIST 800-137: Information Security Continuous Monitoring for Federal Information Systems
