As set forth in the Office of Management and Budget's mandated Federal Information Security Management Act of 2002, departments and agencies are required to implement appropriate security policies and supporting security architectures to reduce and quickly remediate vulnerabilities of their enterprise systems.  FISMA's goal is for federal agencies to define and build the required security mechanisms within IT initiatives that support and enforce security planning, testing, and evaluation.

FISMA defines a specific architecture for reporting information security incidents within the federal government.  The Act stringently prescribes a defined systems process approach for computer security.  This process is a new effort for many federal organizations.  FISMA directs each agency to designate a Chief Information Officer who will be responsible for the organization's information security program, as well as an Inspector General (IG) or independent auditor to perform the required annual security assessments.

Stevens Technologies has experience in all areas of the FISMA legislation, and we would like to provide the proper assessments for your organization.  To initiate the process, we perform comprehensive initial and regular risk assessments and management reviews.  We begin by performing an organizational risk assessment, and then we implement the required information security controls to address the risks identified in your organization.

As with most compliance regulations related to information security, we at Stevens Technologies prefer to regard the necessity to bring an organization into compliance as an opportunity rather than a burden.  Our FISMA projects provide organizations with the chance to bolster their IT infrastructure with procedures put in place by information security experts.  This builds an essential foundation that provides for the security of future operations and promotes the prosperity of the organization overall.
