Government-affiliated entities and organizations continue to be IT security targets because they handle both classified government information and a wealth of personal and financial information pertaining to civilians. With the number of security threats on the rise globally, reducing potential security risks and understanding the Federal Information Security Management Act (FISMA) have never been more important.
Why was FISMA compliance created?
FISMA became U.S. law as part of the larger E-Government Act of 2002. It defines a framework of requirements to secure the operations of federal agencies in a connected world. The law was further updated in 2014 as the Federal Information Security Modernization Act. The details of FISMA compliance have evolved from a body of NIST Special Publications and other risk and security standards into the NIST Risk Management Framework (RMF).
The growth of desktop computing and the increasing use of computer networks required a …
*** This is a Security Bloggers Network syndicated blog from Cimcor Blog authored by Jacqueline von Ogden. Read the original post at: https://www.cimcor.com/blog/making-sense-of-fisma-compliance