Google Apps gets FISMA-certified for government work

Google has landed an important federal certification for encryption and security. An official Google blog post said that the company has received Federal Information Security Management Act (FISMA) certification and accreditation from the U.S. government for its Google Apps office productivity suite, including Gmail. via Google Apps gets FISMA-certified for government work.

NIST Releases Continuous Monitoring FAQs

Continuous monitoring is at the center of proposed reform to FISMA, which is currently maligned as being an exercise in paperwork rather than an effective guide for cybersecurity. The National Institute of Standards and Technology (NIST) has released a list of 17 frequently asked questions about continuous monitoring. via NIST Releases Continuous Monitoring FAQs | [...]

FISMA II Looks to Institute Performance-Based Metrics

With 40-some pieces of cybersecurity legislation pending before Congress, FISMA II is one that has drawn significant attention from the government-contracting world. While most government agencies and federal contractors learned to check the box and implement whatever measures the act set as standards the first time around, FISMA II will demand more than [...]

New Policy Revamps Agencies’ Approach To FISMA Compliance

The White House issued new cybersecurity marching orders to government agencies Wednesday, which top officials say will help redirect government efforts from wasteful paperwork compliance toward continuous monitoring and patching and more effective cybersecurity spending…. … Agencies have been spending as much as $1,400 per page on those reports under requirements of the Federal Information [...]

FISMA blasted at House hearing

“In my view, the implementation of FISMA has been like getting on a treadmill as a means to go to a destination,” Gilligan said in prepared testimony. “A treadmill is great if all you want is exercise, but it is not the way to reach a destination,” he added. via FISMA blasted at House hearing [...]

OMB outlines shift on FISMA

In the seven years that it has been the law of the land, FISMA, The Federal Information Security Management Act, has helped raise awareness of the need for information security on the federal government's networks, as well as on the networks supporting private industry. But this latest version of the Office of Management and Budget's [...]

10 Steps To Ace A FISMA Audit

What follows are 10 commonsense steps you can take to prepare for a FISMA audit. While basic FISMA compliance won't always meet every government organization's security requirements–for example, you may be required to implement stricter data control requirements or a more involved change control process–you will have a sturdy base to build on. via 10 [...]

Does the storm over cloud security mean opportunity?

Absent such standards, Feigenbaum noted that Google received SAS 70 certification and shares the audit results on its security controls with customers. Google is also now seeking certification to comply with the Federal Information Security Management Act (FISMA). via Analysis: Does the storm over cloud security mean opportunity?.

CXOtoday.com > IT-GRC Solution on Cloud

There is built in framework support for RBI Compliance, NSE, BSE, MCDEX, PCI, ISO, COBiT, SOX, BASEL II, HIPAA, FISMA, and other country specific frameworks which are ready to use. SecureGRC has a not-so-far-seen value-add in terms of integrating, synergizing and transforming information from various sources into alert raising actionable solutions, helping in identifying the [...]

OMB, NIST release draft of new FISMA metrics

The National Institute of Standards and Technology and the Office of Management and Budget are proposing 11 new performance metrics to guide agencies in how they measure their computer network security. via Federal News Radio 1500 AM: OMB, NIST release draft of new FISMA metrics.