FISMA stands for the Federal Information Security Management Act. FISMA compliance requires federal agencies to implement information security plans to protect sensitive data.
FISMA also spawned the creation of the National Institute of Standards & Technology (NIST), which is the organization that develops and releases guidance on cybersecurity best practices and standards. To become compliant with FISMA, organizations should follow the cybersecurity frameworks set forth by NIST 800-53 and NIST 800-171 as well as the primary FISMA requirements listed below.
FISMA compliance is required for any organization or project that handles federal data.
Examples of organizations that would be required to follow the standards set forth by FISMA include federal agencies, state agencies implementing federal programs, and contractors or other private businesses with access to federal data.
As mentioned above, a good starting point for achieving FISMA compliance is following the guidelines set forth in the NIST 800 series documents. Following these requirements will help get you started in the right direction and set a good foundation for FISMA compliance.
If you have any questions, concerns, or need assistance regarding FISMA compliance, Red Lion are available to help. Our security compliance professionals have a wide variety of experience and are fully capable of handling the needs of all clients regardless of company size or industry.
Do you still have questions regarding FISMA? Our compliance professionals can help you to understand and comply with FISMA, regardless of complexity.