COMPLIANCE
Government
DEFINITION:
Formally titled "The Federal Information
Security Management Act of 2002", FISMA was passed as part of the Homeland Security Act of 2002 and the E-Government Act of
the same year and imposes strong requirements to rapidly improve the security of government information.
CHALLENGE:
FISMA requires federal agencies to establish agency-wide risk-based information security
programs to secure the information and information systems that support their associated operations and assets and demonstrate
how well they are meeting all of FISMA's provisions. FISMA's provisions fall into three major categories: assessment, enforcement
and compliance. Agencies that fail to comply with the mandates of FISMA risk facing budget or resource cuts.
FISMA
applies to any federal agencies, contractors, or organizations whose information systems possess or make use of federal information.
SOLUTION:
Net Compliance Solutions enables agencies to audit and measure their network
risk, enforce security policies and document compliance with FISMA requirements. If a machine, network device, or application
is out of compliance, if data is not secure, if a router is misconfigured, if a database is located in an insecure location,
Net Compliance Solutions will explain the policy violation, and tell you how to remediate the violation through the use of
a configuration change or a verified patch from a vendor.
Net Compliance Solutions also provides executive and technical-level
reports to measure and certify ongoing compliance efforts for FISMA.
