FISMA and the Risk Management Framework
The New Practice of Federal Cyber Security
By
- Stephen Gantz, CISSP-ISSAP, CEH, CGEIT, CRISC, CIPP/G, Founder and Principal Architect of SecurityArchitecture.com
- Daniel Philpott, Federal Information Security Architect, Information Assurance Division of Tantus Technologies
If you are responsible for meeting federal information security requirements such as FISMA, this book is all you need to know to get a system authorized. Now, in the first full revision of FISMA since its inception in 2002, a new wave of stronger security measures is available through the efforts of the Department of Defense, Office of the Director of National Intelligence, Committee for National Security Systems and the National Institute of Standards and Technology.
Based on the new FISMA requirements for 2011 and beyond, this book catalogs the processes, procedures and specific security recommendations underlying the new Risk Management Framework. Written by an experienced FISMA practitioner, this book presents an effective system of information assurance, real-time risk monitoring and secure configurations for common operating systems.
Audience
Information Security Auditors, Information Security Analysts, Penetration Testers, FISMA compliance staff, ST&E contractors, Information Security Engineers
Paperback, 584 Pages
Published: November 2012
Imprint: Syngress
ISBN: 978-1-59749-641-4
Contents
Chapter 1: Introduction
Chapter 2: Federal Information Security Fundamentals
Chapter 3: Thinking About Risk
Chapter 4: Thinking About Systems
Chapter 5: Success Factors
Chapter 6: Risk Management Framework Planning and Initiation
Chapter 7: Risk Management Framework Steps 1 & 2
Chapter 8: Risk Management Framework Steps 3 & 4
Chapter 9: Risk Management Framework Steps 5 & 6
Chapter 10: System Security Plan
Chapter 11: Security Assessment Report
Chapter 12: Plan of Action and Milestones
Chapter 13: Risk Management
Chapter 14: Continuous Monitoring
Chapter 15: Contingency Planning
Chapter 16: Privacy
Chapter 17: Federal Initiatives
Appendix A: References
Appendix B: Acronyms
Appendix C: Glossary
Index
