The National Institute of Standards and Technology, as part of its responsibilities under the Federal Information Security Management Act (FISMA), published a number of documents, standards, and guidelines to help federal organizations define, manage, and assess the security of their information.
McAfee Foundstone, as a security specialist, is focused on helping organizations navigate the vast documentation landscape to assist in establishing, validating, and managing information security programs. The FISMA Security Controls Assessment helps fulfill an organization’s certification and accreditation responsibilities under FISMA, enabling you to achieve Authority to Operate with minimal residual risk.
We are capable of delivering in the federal civilian, DoD, and intelligence community spaces, leveraging an organization’s pre-defined process and reporting templates, such as the Centers for Medicare and Medicaid Services (CMS) Acceptable Risk Safeguards, or using our own.
Our team of consultants has undergone background checks and many hold security clearances.
The FISMA Security Controls Assessment follows a structured approach to help organizations obtain Authority to Operate quickly and with little residual risk:
Foundstone offers the following services and training related to FISMA compliance.