Is FISMA compliance mostly a paperwork exercise?
No. FISMA compliance requires the thoughtful selection and employment of stringent security controls for federal information systems using a risk-based approach to protect critical federal missions and business functions. In addition to technology-based controls such as access control, identification and authentication, audit and accountability, encryption, and system and communications protection, there are also management and operational controls that address important security areas such as physical security, personnel security, continuity of operations, awareness and training, incident response, security planning, system integrity, and acquisition. Developing sound security policies and procedures is a critical aspect of building an effective information security program. Security policies, while administrative in nature, demonstrate, in clear and unequivocal terms, senior management's commitment to information security and protecting the organization's operations (mission, functions, im