FISMA certification & accreditation handbook

The only book that instructs IT Managers to adhere to federally mandated certification and accreditation requirements. This book will explain what is meant by Certification and Accreditation and why the process is mandated by federal law. The different Certification and Accreditation laws will be cit...


Bibliographic Details
Main Author: Taylor, Laura (-)
Other Authors: Shepherd, Matthew
Format: eBook
Language: English
Published: Rockland, MA : Syngress c2007.
Edition: 1st edition
Subjects:
View at Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009626869106719
Table of Contents:
  • Front Cover; Fisma Certification & Accreditation; Copyright Page; Contents; Foreword; Preface; Chapter 1. What Is Certification and Accreditation?; Introduction; Terminology; Audit and Report Cards; A Standardized Process; Templates, Documents, and Paperwork; Certification and Accreditation Laws Summarized; Summary; Notes; Chapter 2. Types of Certification and Accreditation; Introduction; The NIACAP Process; The NIST Process; DITSCAP; DCID 6/3; The Common Denominator of All C&A Methodologies; C&A for Private Enterprises; Summary; Notes
  • Chapter 3. Understanding the Certification and Accreditation Process; Introduction; Recognizing the Need for C&A; Stepping through the Process; Summary; Chapter 4. Establishing a C&A Program; Introduction; C&A Handbook Development; Template Development; Provide Package Delivery Instructions; Create an Evaluation Process; Authority and Endorsement; Improve Your C&A Program Each Year; Problems of Not Having a C&A Program; Summary; Chapter 5. Developing a Certification Package; Introduction; Initiating Your C&A Project; Analyze Your Research; Preparing the Documents; Verify Your Information
  • Retain Your Ethics; Summary; Chapter 6. Preparing the Hardware and Software Inventory; Introduction; Determining the Accreditation Boundaries; Collecting the Inventory Information; Structure of Inventory Information; Delivery of Inventory Document; Summary; Chapter 7. Determining the Certification Level; Introduction; What Are the C&A Levels?; Importance of Determining the C&A Level; Don't Make This Mistake; Criteria to Use for Determining the Levels; Confidentiality, Integrity, and Availability; Integrity; Availability; How to Categorize Multiple Data Sets; Impact Levels and System Criticality
  • System Attribute Characteristics; Determining Level of Certification; Template for Levels of Determination; Rationale for the Security Level Recommendation; Process and Rationale for the C&A Level Recommendation; The Explanatory Memo; Summary; Chapter 8. Performing and Preparing the Self-Assessment; Introduction; Objectives; Introduction; Designing the Survey; Questions for Self-Assessment Survey; Summary; Notes; Chapter 9. Addressing Security Awareness and Training Requirements; Purpose of Security Awareness and Training; Security Training; Security Awareness
  • The Awareness and Training Message; Online Training Makes It Easy; Document Your Plan; Security Awareness and Training Checklist; Security Awareness Material Evaluation; Security Awareness Class Evaluation; Summary; Notes; Chapter 10. Addressing End-User Rules of Behavior; Introduction; Implementing Rules of Behavior; What Rules to Include; Consequences of Noncompliance; Rules of Behavior Checklist; Summary; Chapter 11. Addressing Incident Response; Introduction; Purpose and Applicability; Policies and Guidelines; Reporting Framework; Roles and Responsibilities; Definitions; Incident Handling
  • Forensic Investigations