• Four Reasons Why You Should Not Let a General IT Security Organization Perform Your FISMA Assessment

    Okay, you have a contract (or subcontract or grant) that involves sensitive government information and a connection to a Federal Information System. So, you are now subject to FISMA compliance and must undergo an assessment. You’ve looked at NIST Special Pub 800-53, Revision 4 and are somewhat bewildered by the hundreds of control requirements. Maybe ...

  • Your FISMA 12 Step Program

    If you work with the Federal Government, you are going to have to deal with FISMA sooner or later. The following is a guide to help ensure your success while traversing the FISMA process. Let’s start off with the basics! The Federal Information Security Management Act, known as FISMA, requires organizations running systems that process ...

  • How BSC Completes Your FISMA Audit With Minimal Interference With Your Operations

    Chances are, you and your IT staff are very busy and view a FISMA audit as the last thing that you need on your plate. We understand, and have therefore structured our approach to FISMA and HIPAA audits with “Minimizing Interference” as one of the major pillars. How do we do this? Prepare! ...

  • How to Ease Future Compliance – Get Ahead of the Curve NOW

    So you just finished your FISMA assessment and are working the remaining POA&M items. With these items well in hand you are thinking that next year’s audit is going to be a breeze. But about two weeks before that audit, you find out that there are new control requirements and, while easier than your first ...