Sale!

FISMA Principles and Best Practices Beyond Compliance 1st Edition by Patrick Howard 1420078305 9781466508347

Original price was: $50.00.Current price is: $35.00.

FISMA Principles and Best Practices Beyond Compliance 1st Edition Patrick D. Howard (Author) Digital Instant Download

Author(s): Patrick D. Howard (Author)
ISBN(s): 9781466508347, 1420078305
Edition: 1
File Details: PDF, 6.38 MB
Year: 2011
Language: english
SKU: EB-11910174 Category: Tag:

FISMA Principles and Best Practices Beyond Compliance 1st Edition by Patrick Howard – Ebook PDF Instant Download/Delivery: 1420078305, 9781466508347

Full download FISMA Principles and Best Practices Beyond Compliance 1st Edition after payment

Product details:

ISBN 10: 1420078305 

ISBN 13: 9781466508347

Author: Patrick D. Howard

While many agencies struggle to comply with Federal Information Security Management Act (FISMA) regulations, those that have embraced its requirements have found that their comprehensive and flexible nature provides a sound security risk management framework for the implementation of essential system security controls. 

Table of contents:

Part I Introduction
Chapter 1 Analysis of the Federal Information Security Management Act (FISMA)
Agency-Level FISMA Requirements
Purposes
Federal Agency Responsibilities
Agency-Level Information Security Programs
Agency Reporting
Annual Independent Evaluation
National Security Systems
FISMA Requirements Case Study
General FISMA Requirements
Requirements for Senior Agency Officials
Requirements for CIOs
Information Security Program Requirements
Potential Changes
Conclusions

Chapter 2 Principles of FISMA Reporting
Annual Reporting
Quarterly Reporting
Report Preparation
Weaknesses in FISMA Reporting
Recent Improvements
Conclusions

Part II Managing FISMA Compliance
Security Risk Management
Security Program Management
Critical Tasks for Information Security Program Management

Chapter 3 Management Support
CISO Characteristics
CIO Support
Senior Executive Support
Support of Business Unit Leaders
Support of Security and IT Specialists
Support of System Owners
Support of Project Managers and Supervisors
Support from Other Managers
Nature of Support
Support in System Operation
Support in Acquisitions
Support in System Authorization
Summary

Chapter 4 The Information Security Organization
FISMA Requirements for the Information Security Function
Defining Requirements
Organizational Placement
Functional Capabilities
Formalization of the Organization
Organizational Compliance Roles
The System Owner Role
The ISSO Framework
Authorizing Official Framework
Organizing to Communicate
Traits of an Effective Information Security Organization
Independence
Authority
Compliance Organization Operations
Contractor Support
Scope
Summary

Chapter 5 Staffing Considerations
Key Qualities
Staffing to Meet Compliance Objectives
Job Descriptions
Hiring
Working with Contractors
Managing Security Compliance Personnel
Staffing Other Positions
Summary

Chapter 6 Program Planning
Information Security Program Design and Development
The Information Security Strategic Plan
Implementing the Plan
Measuring Performance
Related Plans
Other Planning Considerations
Summary

Chapter 7 Developing Policy and Guidance
Security Policy Considerations
Supporting Security Documentation
Rules of Behavior
System Authorization Process
System Categorization Process
Contingency Planning Process
Security Impact Assessment Process
Other Considerations
Conclusions

Chapter 8 Training and Awareness
New User Training
Refresher Awareness Training
Topical Training
Role-Based Training
Security Team Professionalization
The CISO as Chief Security Trainer
Training Methods
Best Practices for Training and Awareness
Summary

Chapter 9 Audit Liaison
Audit Preparation
Kicking Off the Audit
During the Audit
The Audit Report
Conclusion

Chapter 10 Monitoring Mechanisms
Compliance Review Process
Annual Controls Testing
Monitoring in Real Time
Remediation Tracking
Other Monitoring Activities
Conclusion

Chapter 11 Life-Cycle Issues
The CISO Role
Information Technology Governance
Requirements Definition Phase Issues
Development/Acquisition Phase Issues
Operation and Maintenance Phase Issues
Providing Project Support
Conclusion

Chapter 12 Outreach
Why the Need for Outreach?
Building Relationships
Best Practices
CISO Awareness
Information Sharing
Preparing for Outreach
Summary

Part III Summary
Negative Effects of FISMA
Improvements Resulting from FISMA
FISMA and the Future

People also search:

fisma compliance handbook

fisma compliance handbook pdf

fisma principles

is fisma a framework

Tags: Patrick Howard, Principles, FISMA, Practices