Author: Laura P. Taylor
ISBN: 012405871X
This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed.
This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FISMA compliant security assessment.
Topics discussed in this book include the NIST Risk Management Framework, how to characterize the sensitivity level of your system, contingency plans, system security plan development, security awareness training, privacy impact assessments, security assessments and more. Readers will learn how to obtain an Authority to Operate for an information system and what actions to take with regard to vulnerabilities and audit findings.
FISMA Compliance Handbook Second Edition also includes all-new coverage of federal cloud computing compliance from author Laura Taylor, the federal government's technical lead for FedRAMP, the government program used to assess and authorize cloud products and services.
- Includes new information on cloud computing compliance from Laura Taylor, the federal government's technical lead for FedRAMP
- Includes coverage for both corporate and government IT managers
- Learn how to prepare for, perform, and document FISMA compliance projects
- This book is used by various colleges and universities in information security and MBA curriculums.
- Paperback: 350 pages
- Publisher: Syngress; 1 edition (September 10, 2013)
- Language: English
- ISBN-10: 012405871X
- ISBN-13: 978-0124058712
- Product Dimensions: 7.5 x 9.2 inches
- Shipping Weight: 2.3 pounds
If you work outside of the Federal Government space, you likely have not heard of FISMA. For the uninitiated, FISMA is the Federal Information Security Management Act. It was enacted in 2002 as part of the E-Government Act. It was a major impetus in the government regarding the importance of information security. After years of doing very little, FISMA was meant as a way to have a common security model throughout the government.
FISMA requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. In other words, it is a huge cash cow for Washington, DC consultants.
In the FISMA Compliance Handbook, author Laura Taylor provides a high-level overview of the FISMA process. As someone who headed the technical development of FedRAMP, the government's method to apply the FISMA, Taylor brings a unique approach to the book. Her experience and the advice book make it an invaluable reference for anyone trying to tame that monstrosity called FISMA.
FISMA is certainly much more than this book. But for those looking to get an initial understanding on how to get a handle on FISMA compliance, the FISMA Compliance Handbook is a great resource to use.
By Ben Rothke
As a security practitioner with over 18 years of professional experience, I recently found myself in a situation where I needed to implement FISMA from the ground up in an organization that never had anything similar. Typically I have been brought in to perform vulnerability scans/pen tests and implement various controls. This book covers the A-Z of what you need to know, without fluff, to get a FISMA program up and running. You will need additional material for your chosen risk management/FedRAMP, and obviously for implementation of the individual controls - but this tells you what you need to know, and more importantly in the specific language that is so important to adhere to. Note that FISMA, IRS-1075, MARS-E and other governance are all the same process under different names - and in our case it is MARS-E as required by CMS under ACA. Word for word identical to FISMA.
By Upstate_Doug