FISMA 2014 codifies many current federal security practices

For the most part, the 2014 update to FISMA introduces little new to federal security management, but instead codifies roles, responsibilities, requirements, and practices already put in place through OMB memoranda and other official guidance to agencies.

Three years in, FedRAMP offers 3 paths to compliance

The FedRAMP PMO rolled out a new logo and announced the addition of four cloud systems to its list of authorized service providers, bringing the total of authorized solutions to 27.

NIST updates security control assessment procedures

On December 12, the National Institute of Standards and Technology (NIST) Computer Security Division announced the final release of Special Publication 800-53A Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations. This…

Update to FISMA signed into law

In December Congress passed, and the president signed into law the Federal Information Security Modernization Act of 2014, which provides the first comprehensive update to federal security legislation since 2002.