Mar 28, 2010
The Federal Information Security Management Act, known as FISMA, is typically thought to apply only to government organizations. However, contractors and vendors that provide services to, manage systems on behalf of, or maintain close relationships with a government agency may be held to similar standards.
That can be a problem because FISMA regulations are confusing at best and more commonly just plain overwhelming. Not surprisingly, a cottage industry of expensive contractors who promise FISMA help has sprung up.
Here’s what they don’t want you to know: Staying on the right side of FISMA auditors is a matter of common sense and solid security best practices. You’re probably already doing much of what’s required if you’re complying with other security requirements, like PCI for payment accounts data security.