FISMA Security Auditing with SVT
What is FISMA and who does it apply to?
The Federal Information Security Management Act (FISMA) is a United States federal law that was enacted in 2002. It is the overarching requirements authority for government-related systems and is supported by NIST standards. It recognized the importance of information security to the economic and national security interests of the United States and requires all federal agencies to develop, document, and implement an agency-wide information security program. This includes services and solutions provided or managed by another agency, contractor, or other source. This means if your company does business with the U.S. federal government, you may be required to adhere to and provide evidence of compliance with the FISMA requirements.
How does FISMA affect your enterprise?
FISMA is essentially a family of requirements documents maintained by the National Institute of Science and Technology (NIST). Each of these documents addresses specific aspects of information security. For example, NIST SP800-53 deals primarily with many of IT control requirements. These include items such as password and account management, content of audit data, security training, and much more.
But FISMA isn’t just a standard for federal systems; because it is based on solid information security best practices, it is equally important to any organization.
How SVT can help you!
Many of the NIST SP800-53 control families are process or policy-related requirements, in other words not managed by IT technical systems. Of the remaining controls, SVT Audit Manager monitors all that can be audited within a Microsoft Windows environment. This means over 100 report combinations can produce data from several of control families including Access Control, Audit and Accountability, Configuration Management, and Maintenance – all mapped directly to NIST audit controls.
SVT Audit Manager provides you with a mechanism that supports sound, repeatable security management, and that’s a cornerstone security requirement regardless of which standard you must adhere to.
Please contact us today for more information on how SVT Audit Manager can help meet your regulation needs.