This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook, 2e, explains what is meant by Certification and Accreditation and why the process is mandated by federal law. The different Certification and Accreditation laws are cited and discussed, including the three leading types of C&A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a compliance project. The following section of the book shows how to address security awareness, end-user rules of behavior, and incident response…mehr
This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook, 2e, explains what is meant by Certification and Accreditation and why the process is mandated by federal law. The different Certification and Accreditation laws are cited and discussed, including the three leading types of C&A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a compliance project. The following section of the book shows how to address security awareness, end-user rules of behavior, and incident response requirements. Once this phase of the compliance project is complete, you will learn to perform security tests and evaluations, business impact assessments, system risk assessments, business risk assessments, contingency plans, business impact assessments, and system security plans. Finally, you will learn to audit your entire compliance project and correct any failures. FISMA Compliance Handbook, 2e, also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government's technical lead for FedRAMP, the government program used to assess and authorize cloud products and services.Hinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Laura Taylor leads the technical development of FedRAMP, the U.S. government's initiative to apply the Federal Information Security Management Act to cloud computing. In 2006, Taylor's FISMA Certification and Accreditation Handbook was the first book published on FISMA. Taylor has contributed to four other books on information security and has authored hundreds of articles and white papers on infosec topics for a variety of web publications and magazines. Specializing in assisting federal agencies and private industry comply with computer security laws, Taylor is a thought leader on cyber security compliance. Taylor has led large technology migrations, developed enterprise wide information security programs, and has performed risk assessments and security audits for numerous financial institutions.
Inhaltsangabe
1: What Is Certification and Accreditation? 2 FISMA Trickles into the Private Sector 3: FISMA Compliance Methodologies 4: Understanding the FISMA Compliance Process 5: Establishing a FISMA Compliance Program 6: FISMA Compliance Project Management 7: Preparing the Hardware and Software Inventory 8: Determining the Information Sensitivity Level 9: Addressing Security Awareness and Training Requirements 10: Addressing End-User Rules of Behavior 11: Addressing Incident Response 12: Performing Security Testing 13: Conducting a Privacy Impact Assessment 14: Performing the Business Impact Analysis 15: Developing the Contingency Plan 16: Preparing the Security Assessment Report 17: Developing a Configuration Management Plan 18: Preparing the System Security Plan 19: Before Submitting Your Documents 20: Evaluating the Security Assessment Package for Authorization 21: Addressing Compliance Findings 22: FedRAMP and Cloud Computing
1: What Is Certification and Accreditation? 2 FISMA Trickles into the Private Sector 3: FISMA Compliance Methodologies 4: Understanding the FISMA Compliance Process 5: Establishing a FISMA Compliance Program 6: FISMA Compliance Project Management 7: Preparing the Hardware and Software Inventory 8: Determining the Information Sensitivity Level 9: Addressing Security Awareness and Training Requirements 10: Addressing End-User Rules of Behavior 11: Addressing Incident Response 12: Performing Security Testing 13: Conducting a Privacy Impact Assessment 14: Performing the Business Impact Analysis 15: Developing the Contingency Plan 16: Preparing the Security Assessment Report 17: Developing a Configuration Management Plan 18: Preparing the System Security Plan 19: Before Submitting Your Documents 20: Evaluating the Security Assessment Package for Authorization 21: Addressing Compliance Findings 22: FedRAMP and Cloud Computing
Es gelten unsere Allgemeinen Geschäftsbedingungen: www.buecher.de/agb
Impressum
www.buecher.de ist ein Shop der buecher.de GmbH & Co. KG Bürgermeister-Wegele-Str. 12, 86167 Augsburg Amtsgericht Augsburg HRA 13309