From: GovInfoSecurity
Publication Seen as Aiding with Continuous Monitoring
By Eric Chabrow
New guidance published by the National Institute of Standards and Technology is aimed at helping federal agencies and other organizations in and out of government assess proper security and privacy controls, especially those tied to the continuous monitoring of IT systems for vulnerabilities.
The Federal Information Security Management Act, the law that governs federal government IT security, requires government agencies to “reauthorize” the security of their IT systems every three years using a checkbox process to attest that proper
security controls were implemented. FISMA also requires inspectors general to review annually their respective agencies’ cybersecurity programs.
Leave a Reply