FISMA Certification and Accreditation HandbookBy
- L. Taylor
The only book that instructs IT Managers to adhere to federally mandated certification and accreditation requirements.This book will explain what is meant by Certification and Accreditation and why the process is mandated by federal law. The different Certification and Accreditation laws will be cited and discussed including the three leading types of C&A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a C&A project. The next section to the book illustrates addressing security awareness, end-user rules of behavior, and incident response requirements. Once this phase of the C&A project is complete, the reader will learn to perform the security tests and evaluations, business impact assessments system risk assessments, business risk assessments, contingency plans, business impact assessments, and system security plans. Finally the reader will learn to audit their entire C&A project and correct any failures.
Published: December 2006
- 1: What Is Certification and Accreditation? 2: Types of Certification and Accreditation 3: Understanding the Certification and Accreditation Process 4: Establishing a Certification and Accreditation Program 5: Preparing a Certification Package 6: Determining the Certification and Accreditation Level 7: Preparing the Hardware and Software Inventory 8: Performing and Preparing the Self-Assessment 9: Addressing Security Awareness, Training, and Education 10: Addressing End-User Rules of Behavior 11: Addressing Incident Response 12: Performing the Security Tests and Evaluations 13: Performing and Preparing the Business Risk Assessment 14: Performing and Preparing the Business Impact Assessment 15: Performing a System Risk Assessment 16: Performing and Preparing the Contingency Plan 17: Developing a Configuration Management Plan 18: Preparing the System Security Plan 19: Putting Together the Final Certification Package 20: Evaluating the Certification Package for Accreditation 21: Addressing Certification and Accreditation Failures 22: Improving Your FISMA Report Card Scores 23: Resources