The Federal Information Security Management Act of 2002 - also known as Title III of the E-Government Act of 2002 - regulates federal information security.

FISMA establishes greater management responsibility for information security as well as providing for significant oversight by the legislative branch.

CSO offers the following services to assist government agencies with compliance to FISMA information security standards:

Implementation of plans to reduce the risk to the government's information assets.

Development of an agency-wide efficient and measurable security program.

Design and creation of managed services for tracking and reporting.

Assistance with understanding evolving FISMA law and compliance requirements.

Assistance with the creation of an annual report to the OMB and Congress on compliance with FISMA requirements.

The creation and maintenance of FISMA required inventory of major systems.

Deliverable

The deliverable from this project is a detailed report showing our findings for each of the NIST controls along with a risk based score.   A detailed list showing suggested remediation steps is included.