FISMA Principles and Best Practices: Beyond Compliance, 1st Edition (e-Book) book cover

FISMA Principles and Best Practices

Beyond Compliance, 1st Edition

By Patrick D. Howard

Auerbach Publications

345 pages

Purchasing Options:$ = USD
Hardback: 9781420078299
pub: 2011-03-29
$83.95
x
eBook (VitalSource) : 9780429120282
pub: 2016-04-19
from $28.98


FREE Standard Shipping!

Description

While many agencies struggle to comply with Federal Information Security Management Act (FISMA) regulations, those that have embraced its requirements have found that their comprehensive and flexible nature provides a sound security risk management framework for the implementation of essential system security controls. Detailing a proven appro

Table of Contents

Introduction. Analysis of the Federal Information Security Management Act (FISMA). Principles of FISMA Reporting. Managing FISMA Compliance. Management Support. The Information Security Organization. Staffing Considerations. Program Planning. Developing Policy and Guidance. Training and Awareness. Audit Liaison. Monitoring Mechanisms. Life-Cycle Issues. Outreach. Summary. Appendices: The FISMA Legislation. OMB FISMA Reporting Guidelines. OMB FISMA FY10 Reporting Questionnaires. Consensus Audit Guidelines. Bibliography. Index.

About the Author

Patrick D. Howard has over 38 years of experience in the security industry, and has worked in the computer security field for the past 23 years. Mr. Howard has served as the Chief Information Security Officer at the Nuclear Regulatory Commission since March 17, 2008, and is responsible for managing NRC's enterprise-wide information security program. Prior to joining NRC, Mr. Howard was employed at the Department of Housing and Urban Development for 3 years, where he served as HUD's Chief Information Security Officer and managed the Department's enterprise-wide information technology security program.

Mr. Howard led HUD to a first ever "A+" score on Congress' 2006 FISMA Report Card and was recognized as a 2007 Fed 100 winner for his accomplishments in government information technology. Prior to joining HUD, Mr. Howard was employed by the Titan Corporation supporting the Department of Transportation where he served as the Department's Certification and Accreditation Program Manager. Mr. Howard is co-author of the Total CISSP Exam Prep Book, and author of Building and Implementing a Security Certification and Accreditation Program.

Mr. Howard received a bachelor's degree in History from the University of Oklahoma and an master's degree in International Relations from Boston University. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM). He is a member of the American Council for Technology/Industry Advisory Council (ACT/IAC) InfoSec and Privacy Shared Interest Group Government Advisory Panel and the International Information Systems Security Certification Consortium's Government Advisory Board and the Executive Writer's Bureau, which he chairs. Mr. Howard is also an adjunct professor of Information Assurance at Walsh College, Troy, Michigan.

Subject Categories

BISAC Subject Codes/Headings:
BUS073000
BUSINESS & ECONOMICS / Commerce
COM032000
COMPUTERS / Information Technology
COM053000
COMPUTERS / Security / General