FISMA and FIPS

FISMA – Federal Information Security Management Act of 2002 (also known as Title III of the E-Government Act of 2002, Public Law 107-347)

Key documents associated with FISMA:

  • FIPS 199 – Security Categorization – [csrc.nist.gov]
  • FIPS 200 – Minimum Security Requirements – [csrc.nist.gov]
  • NIST SP 800-53 – Security Controls – [csrc.nist.gov]

SEE ALSO:
Introduction to 800-53 Controls


FIPS – Federal Information Processing Standards are approved by the Secretary of Commerce and published by NIST. FIPS are compulsory and binding (for federal agencies) and may not be waived.

FIPS Publications – [csrc.nist.gov]

SEE ALSO:
FIPS Validated Encryption
