FISMA Compliance

The Federal Information Security Management Act of 2002 (FISMA) is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002. FISMA requires federal agencies to develop, document and implement agency-wide information security programs to protect the confidentiality, integrity and availability of information and systems that support the operations and assets of the agency.

FISMA imposes a mandatory set of processes that must be followed for all information systems used or operated by a US Government federal agency or by a contractor or other organization on behalf of a US Government agency. These processes must follow a combination of Federal Information Processing standards (FIPS) documents, Circulars, Memoranda and Articles from OMB, the Special Publications (SP-800) series issued by NIST, and other legislation pertinent to federal information systems, such as the Privacy Act of 1974.

Security Advisers is very experienced in developing Security Improvement Programs for IT asset compositions with a Security Categorization of Critical or High, or Moderate for Confidentiality, Integrity, and Availability. We do this by engineering the appropriate Security Controls (and often Supplemental Control Sets), and then rigorously testing those controls for effectiveness and appropriateness.

Founded by former government IT security specialists, Security Advisers is uniquely qualified to ensure conformity with the NIST framework mandated under the statute. Security Advisers approaches FISMA compliance as a dynamic process, emphasizing active participation at all levels to achieve security AND compliance.

If you would like more information about Security Advisers' FISMA compliance services, please email or call us at 410-867-6329.

Tel: 410-867-6329 | Headquarters: 1517 Bay Drive, Shady Side, Maryland 20764