Overview
The NIST Computer Security Division's FISMA Implementation Project focuses on:
- Developing a comprehensive series of standards and guidelines to help federal agencies build strong cybersecurity programs, defend against increasingly sophisticated cyber-attacks, and demonstrate compliance with security requirements set forth in legislation, Executive Orders, Homeland Security Directives, and Office of Management and Budget (OMB) policies;
- Building a common understanding and reference guides for organizations applying the NIST suite of standards and guidelines that support the NIST Risk Management Framework (RMF);
- Developing minimum criteria and guidelines for recognizing security-assessment organization providers as capable of assessing information systems consistent with NIST standards and guidelines supporting the RMF; and
- Conducting FISMA outreach to public and private-sector organizations.