معرفی کتاب «FISMA and the risk management framework [recurso electrónico] the new practice of federal cyber security» نوشتهٔ Stephen D. Gantz and Daniel R. Philpott (Eds.)، منتشرشده توسط نشر Elsevier/Syngress در سال 2013. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
If you are responsible for meeting federal information security requirements such as FISMA, this book is all you need to know to get a system authorized. Now in the first full revision of FISMA since its inception in 2002, a new wave of stronger security measures are now available through the efforts of the Department of Defense, Office of the Directory of National Intelligence, Committee for National Security Systems and the National Institute of Standards and Technology. Based on the new FISMA requirements for 2011 and beyond, this book catalogs the processes, procedures and specific security recommendations underlying the new Risk Management Framework. Written by an experienced FISMA practitioner, this book presents an effective system of information assurance, real-time risk monitoring and secure configurations for common operating systems. * Learn how to build a robust, near real-time risk management system and comply with FISMA * Discover the changes to FISMA compliance and beyond * Gain your systems the authorization they need Content: Front Matter , Pages i-ii Copyright , Page iv Dedication , Page v Trademarks , Page xvii Acknowledgements , Page xix About the Author , Page xxi Chapter 1 - Introduction , Pages 1-21 , Stephen D. Gantz, Daniel R. Philpott Chapter 2 - Federal Information Security Fundamentals , Pages 23-52 , Stephen D. Gantz, Daniel R. Philpott Chapter 3 - Thinking About Risk , Pages 53-78 , Stephen D. Gantz, Daniel R. Philpott Chapter 4 - Thinking About Systems , Pages 79-103 , Stephen D. Gantz, Daniel R. Philpott Chapter 5 - Success Factors , Pages 105-129 , Stephen D. Gantz, Daniel R. Philpott Chapter 6 - Risk Management Framework Planning and Initiation , Pages 131-151 , Stephen D. Gantz, Daniel R. Philpott Chapter 7 - Risk Management Framework Steps 1 & 2 , Pages 153-186 , Stephen D. Gantz, Daniel R. Philpott Chapter 8 - Risk Management Framework Steps 3 & 4 , Pages 187-218 , Stephen D. Gantz, Daniel R. Philpott Chapter 9 - Risk Management Framework Steps 5 & 6 , Pages 219-243 , Stephen D. Gantz, Daniel R. Philpott Chapter 10 - System Security Plan , Pages 245-273 , Stephen D. Gantz, Daniel R. Philpott Chapter 11 - Security Assessment Report , Pages 275-304 , Stephen D. Gantz, Daniel R. Philpott Chapter 12 - Plan of Action and Milestones , Pages 305-328 , Stephen D. Gantz, Daniel R. Philpott Chapter 13 - Risk Management , Pages 329-365 , Stephen D. Gantz, Daniel R. Philpott Chapter 14 - Continuous Monitoring , Pages 367-401 , Stephen D. Gantz, Daniel R. Philpott Chapter 15 - Contingency Planning , Pages 403-443 , Stephen D. Gantz, Daniel R. Philpott Chapter 16 - Privacy , Pages 445-480 , Stephen D. Gantz, Daniel R. Philpott Chapter 17 - Federal Initiatives , Pages 481-506 , Stephen D. Gantz, Daniel R. Philpott Appendix A - References , Pages 507-520 , Stephen D. Gantz, Daniel R. Philpott Appendix B - Acronyms , Pages 521-525 , Stephen D. Gantz, Daniel R. Philpott Appendix C - Glossary , Pages 527-545 , Stephen D. Gantz, Daniel R. Philpott Index , Pages 547-562 FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems. Learn how to build a robust, near real-time risk management system and comply with FISMA Discover the changes to FISMA compliance and beyond Gain your systems the authorization they need
If you are responsible for meeting federal information security requirements such as FISMA, this book is all you need to know to get a system authorized. Now in the first full revision of FISMA since its inception in 2002, a new wave of stronger security measures are now available through the efforts of the Department of Defense, Office of the Directory of National Intelligence, Committee for National Security Systems and the National Institute of Standards and Technology.
Based on the new FISMA requirements for 2011 and beyond, this book catalogs the processes, procedures and specific security recommendations underlying the new Risk Management Framework. Written by an experienced FISMA practitioner, this book presents an effective system of information assurance, real-time risk monitoring and secure configurations for common operating systems.
- Learn how to build a robust, near real-time risk management system and comply with FISMA
- Discover the changes to FISMA compliance and beyond
- Gain your systems the authorization they need