Freshly Printed - allow 10 days lead
Couldn't load pickup availability
FISMA and the Risk Management Framework
The New Practice of Federal Cyber Security
Learn how to meet federal information security compliance requirements and manage security risks for your organization's information systems!
Daniel R. Philpott (Author), Stephen D. Gantz (Author)
9781597496414, Elsevier Science
Paperback / softback, published 31 December 2012
584 pages, Approx. 115 illustrations
23.5 x 19 x 3.6 cm, 0.94 kg
"For the person who needs to build a solid IT system and get it through the process of security authorization, this work will be a perfect source. The authors structured the contents logically, which makes it easy to find information. The book can be used as a compendium of security knowledge, to which one can return many times to find important details when needed." --IEEE Communications, July 2014 "Gantz explains the Federal Information Security Management Act (FISMA), describes the obligations it places on federal agencies and others subject to the legislation's rules about securing information systems, and details the processes and activities needed to implement effective information security management following FISMA and using the Risk Management Framework of the National Institute of Standards and Technology." --Reference and Research Book News, August 2013
FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems.
Chapter 1: Introduction Chapter 2: Federal Information Security Fundamentals Chapter 3: Thinking About Risk Chapter 4: Thinking About Systems Chapter 5: Success Factors Chapter 6: Risk Management Framework Planning and Initiation Chapter 7: Risk Management Framework Steps 1 & 2 Chapter 8: Risk Management Framework Steps 3 & 4 Chapter 9: Risk Management Framework Steps 5 & 6 Chapter 10: System Security Plan Chapter 11: Security Assessment Report Chapter 12: Plan of Action and Milestones Chapter 13: Risk Management Chapter 14: Continuous Monitoring Chapter 15: Contingency Planning Chapter 16: Privacy Chapter 17: Federal Initiatives Appendix A: References Appendix B: Acronyms Appendix C: Glossary Index
Subject Areas: Computer security [UR], Management of specific areas [KJMV]
