What is FISMA? Part II.

This is a continuation of the previous article, “What is FISMA?“.

Implement - At this stage, security controls are implemented. This requires taking all of the information in the previous steps and applying them in a practical manner to the information systems. For example, if a system was given a security of categorization of Low from the Categorize step, the Low set of controls from NIST 800-53 would be implemented. In addition, any supplemental controls that management deemed necessary, would also be implemented. Read more

• Categories

  • Access Control
  • Certification and Accreditation
  • FISMA
  • Security

• Tags

  Access Controls Accreditation Certification DIACAP E-Government Act FISMA GLBA HIPAA NIST Sarbanes Oxley Security

• Calendar

  June 2008

  S	M	T	W	T	F	S
  « May
  1	2	3	4	5	6	7
  8	9	10	11	12	13	14
  15	16	17	18	19	20	21
  22	23	24	25	26	27	28
  29	30

• Company Links

  • Aviel
  • CSCI
  • NGS

• Security Links

  • CCCure.org
  • CIS
  • DISA STIGs
  • NIST SP800
  • Nmap
  • Security Tools
  • Wireshark

• Recent Posts

  • What is FISMA? Part II.
  • What is FISMA?
  • Certification and Accreditation
  • Access Controls

• Recent Comments

  • What is FISMA? Part II. : CSCI Security Blog on What is FISMA?
  • Jeremy’s Brain Dump » FISMA on What is FISMA?
  • Jeremy’s Brain Dump » Access Controls Article on Access Controls

• Subscribe through Feedburner

  • 
  • 
  • 
  • 

• US CERT High Risk Activity

  • SSH Key-based Attacks August 27th 2008
  • Microsoft Revised Security Bulletin MS08-051 August 25th 2008
  • Red Hat Releases OpenSSH Security Update August 25th 2008
  • Malware Circulating via Russia/Georgia Conflict Spam Messages August 21st 2008
  • Opera Releases Version 9.52 August 21st 2008
  • Webex Meeting Manager ActiveX Control Vulnerability August 18th 2008
  • Joomla! Password Reset Vulnerability August 14th 2008
  • Apple MobileMe Phishing Scam August 13th 2008
  • Microsoft Releases August Security Bulletin August 12th 2008
  • Microsoft Releases Advanced Notification for August Security Bulletin August 7th 2008