By Laura P. Taylor

The only book that instructs IT managers on how to adhere to federally mandated certification and accreditation requirements.

This book explains what is meant by Certification and Accreditation (C&A) and why the process is mandated by federal law. Different Certification and Accreditation laws are cited and discussed, including the three leading types of C&A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a C&A project. The next section of the book illustrates addressing security awareness, end-user rules of behavior, and incident response requirements. Once this phase of the C&A project is complete, the reader will learn to perform the security tests and evaluations, business impact assessments, system risk assessments, business risk assessments, contingency plans, and system security plans. Finally, the reader will learn to audit their entire C&A project and correct any failures.

* Focuses on federally mandated certification and accreditation requirements
* Author Laura Taylor's research on Certification and Accreditation has been used by the FDIC, the FBI, and the White House
* Full of vital information on compliance for both corporate and government IT managers

Extra info for FISMA certification & accreditation handbook

Sample text

The SAISO works with the agency authorizing officials to ensure that they are in agreement on the security requirements of the information system as well as the key documents contained in the Certification Package such as the risk assessments and the Security Plan. In working together, the SAISO and the authorizing officials should be sure to take into consideration the mission and business requirements of the agency. The SAISO appoints the Certification Agent and holds them accountable for performing their duties.

The four C&A models are the National Information Assurance Certification and Accreditation Process (NIACAP) model, the National Institute of Standards and Technology (NIST) model, the Defense Information Technology Systems Certification and Accreditation Process (DITSCAP) model, and the DCID 6/3 model. The NIACAP model is based on a process published by the Committee on National Security Systems that documents its methodology in the National Security Telecommunications and Information System Security Instructions, otherwise known as NSTISSI No.

After reviewing the C&A packages, the Certification Agent, or evaluation team, makes recommendations to the internal accrediting authorities, the SAISO and authorizing official, on whether a package should be accredited. In most cases, the SAISO and authorizing official accept the recommendation of the Certification Agent and sign the accreditation letter based solely on that recommendation. The Security Assessment Report should justify the recommendation.
