Definition: FISMA is a comprehensive set of information assurance “best practices” used by the federal government. The acronym stands for Federal Information Security Management Act of 2002. The standards outline acceptable policies and controls that cover the full scope of operational information assurance. Detailed information can be found at the web site: http://csrc.nist.gov/groups/SMA/fisma/index.html. Each agency must operate under its own implementation of the requirements. The methodology includes risk assessment, security awareness training, how to respond to security incidents, planning and much more. The set of rules was designed to provide for the confidentiality, integrity and availability of information.
Its Relevance: The national government’s information assurance standards give a private user an excellent overview of what to include in his or her own information assurance program. More importantly, however, if an organization does business with a government agency or contractor, it must comply with the Act, too.