FISMA and the Risk Management Framework PDF ePub eBook

Books Info:

FISMA and the Risk Management Framework free pdf FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies- the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones- and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems. * Learn how to build a robust, near real-time risk management system and comply with FISMA* Discover the changes to FISMA compliance and beyond* Gain your systems the authorization they need

About Daniel R. Philpott

Stephen Gantz (CISSP-ISSAP, CEH, CGEIT, CRISC, CIPP/G, C|CISO) is an information security and IT consultant with over 20 years of experience in security and privacy management, enterprise architecture, systems development and integration, and strategic planning. He currently holds an executive position with a health information technology services firm primarily serving federal and state government customers. He is also an Associate Professor of Information Assurance in the Graduate School at University of Maryland University College. He maintains a security-focused website and blog at http://www.securityarchitecture.com. Steve's security and privacy expertise spans program management, security architecture, policy development and enforcement, risk assessment, and regulatory compliance with major legislation such as FISMA, HIPAA, and the Privacy Act. His industry experience includes health, financial services, higher education, consumer products, and manufacturing, but since 2000 his work has focused on security and other information resources management functions in federal government agencies. His prior work history includes completing projects for government clients including the Departments of Defense, Labor, and Health and Human Services, Office of Management and Budget, Federal Deposit Insurance Corporation, U.S. Postal Service, and U.S. Senate. Steve holds a master's degree in public policy from the Kennedy School of Government at Harvard University, and also earned his bachelor's degree from Harvard. He is nearing completion of the Doctor of Management program at UMUC, where his dissertation focuses on trust and distrust in networks and inter-organizational relationships. Steve currently resides in Arlington, Virginia with his wife Renee and children Henry, Claire, and Gillian. Daniel Philpott is a Federal Information Security Architect with the Information Assurance Division of Tantus Technologies where he works with Federal agencies on FISMA compliance and Risk Management. Dan is a respected information security practitioner specializing in Federal information security needs including FISMA, Cybersecurity, SCAP, FDCC, HSPD-12, risk management, governance, cloud computing, social media and web application security. He is founder of the FISMApedia.org wiki and FISMA Arts training project. You can find his comments and analysis at Guerilla-CISO.com and ArielSilverstone.com, where he is a guest blogger. As a sought after public speaker on Federal information security he is frequently featured in interviews and articles by a variety of security news sources and podcasts. Dan started his career in IT at age 13, beta testing display terminals at ProType Corporation. Since that time he has held a variety of positions in the field. While often working on security issues (cryptography, host hardening, network hardening, resilient architectures and application security) he made information security his career in 1998 during his work at National Institute of Standards and Technology. In the Federal space he has worked with the National Institutes of Health, Department of Commerce Technology Administration, U.S. Agency for International Development and NIST. Having experienced Federal information security before and after FISMA he is a strong proponent of the changes FISMA has brought about. Approaching information security with a strong focus on effective reduction of risk, Dan brings an technical and operational security perspective to the theory and practice of FISMA compliance. His long experience in the IT security field provides his Federal clients with depth of knowledge and a diverse skill set encompassing compliance, governance, practice, technology and risk management.

Details Book

Author : Daniel R. Philpott
Publisher : Syngress Media,U.S.
Data Published : 31 December 2012
ISBN : 1597496413
EAN : 9781597496414
Format Book : PDF, Epub, DOCx, TXT
Number of Pages : 584 pages
Age + : 15 years
Language : English
Rating :

Reviews FISMA and the Risk Management Framework



17 Comments Add a comment




Related eBooks Download


  • Advances in Information Security Management and Small Systems Security free pdfAdvances in Information Security Management and Small Systems Security

    This book presents a state-of-the-art review of current perspectives in information security. focusing on technical as well as functional issues. The topics in this volume include the latest developments in: Information security management issues- Network security and protocols- Information security aspects of E-commerce- Distributed computing and access control- Security in mobile environments- Advances in intrusion detection- and..


  • Information Security Management Handbook free pdfInformation Security Management Handbook

    Updated annually. the Information Security Management Handbook is the most comprehensive and up-to-date reference available on information security and risk management. Bringing together the knowledge..


  • Information Security Management and Small Systems Security free pdfInformation Security Management and Small Systems Security

    This book presents a state-of-the-art review of current perspectives in information security management and small systems security. focusing on technical and functional as well as managerial issues..


  • Managing Risk and Performance free pdfManaging Risk and Performance

    Discover analytical tools and practices to help improve the quality of risk management in government organizations Federal agencies increasingly recognize the importance of active risk management to help ensure that they can carry out their missions..


  • The Security Risk Assessment Handbook free pdfThe Security Risk Assessment Handbook

    The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments provides detailed insight into precisely how to conduct an information security risk assessment..


  • FISMA and the Risk Management Framework free pdfFISMA and the Risk Management Framework

    Free Books On Tape. FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the fram