CIS 1205 Computer Information System

Course Code: CIS1205
University: College Of Dupage

Country: United States

Question:
In this assignment, students will review the federal work sector requirements and executives/organizations process to prepare for FISMA compliance as required in the Modernization Act of 2014, protecting the nation's critical information infrastructure.
The number of controls/sub-controls in the compliance requirement.
Reference to another framework that may be used in complement to facilitate meeting of compliance regulations.
The authorization and accreditation process of FISMA.
How to apply the risk management framework to federal information systems through the FISMA process.
Answer:

FISMA compliance as required in the Modernization Act of 2014
FISMA compliance is achieved by following a project-oriented process. NIST explains this process in six steps: system initiation, development and acquisition, implementation, operation and maintenance, and disposal.
This can further be summarised in the diagram below.
The number of controls/sub-controls in the compliance requirement
FISMA is a critical regulatory requirement that sets data security guidelines and standards for the federal government. It was brought forth to help reduce the risk to which federal information is exposed and to help reduce the cost incurred on information security. To achieve these objectives, FISMA set security standards and guidelines that all federal agencies had to meet. However, FISMA also applies to private companies (Gantz & Philpott, 2013). The National Institute of Standards and Technology (NIST) plays an essential role in the FISMA implementation project, which was launched in January 2003, and it produced the fundamental guidelines and security standards required by FISMA (Johnson, 2015). Some of these publications include FIPS 200, NIST 800 and FIPS 199. NIST SP 800-53 gives a well-explained catalog of security controls that are necessary for FISMA compliance (Gantz & Philpott, 2013).
However, an agency does not necessarily need to implement all the controls, only those that are critical to the organization. Thus agencies need to select appropriate controls to satisfy their security requirements (Kott & Linkov, 2018). In the end, the organization is supposed to document the security controls it selected in its system security plan. NIST 800-53 divides security controls into three categories: custom, hybrid, and common. Custom controls are those meant to be used by personal devices or applications. Hybrid controls are those that have a standard monitor and are typically customized according to the requirements of a specific application or device. Common controls are those that are often used in an organization.
Risk Management Framework
Another framework that may be used to complement and facilitate the meeting of compliance regulations is the Risk Management Framework. The specification and selection of security controls are usually achieved as part of the organization's security effort, which is categorized as the management of organizational risk (Bourne, 2014). The management of organizational risk is an essential framework because it helps in selecting the best security controls for a system.
The authorization and accreditation process of FISMA
The National Institute of Standards and Technology has come up with four phases for the certification and accreditation (C&A) process, which the federal government uses to ensure that organizations comply with federal controls (Kott & Linkov, 2018). The phases are initiation and planning, certification, accreditation, and continuous monitoring. Each stage has activities that must be completed before proceeding to the next stage.

Planning and initiation

This is the first stage in the certification and accreditation process. At this stage, the information system security officer (ISSO) and the information system owner must decide that a C&A is necessary (Patterson, Gingrich & Nazario-Negron, 2018). They also establish a C&A team, decide what resources are required, develop a project plan with milestones, and lastly determine the formal classification necessary for the C&A team.

Certification

In the certification stage, independent auditors check the preliminary accreditation and certification documents and audit the information system using a checklist to make sure that the controls based on NIST 800-53 have been put in place. This independent audit is composed of testing, visual inspection, onsite interviews and vulnerability scans.

Accreditation

In this stage, the body mandated with certification usually goes through the C&A documents to make sure that all the critical information has been provided in the package before deciding on accreditation.

Continuous Monitoring

Continuous monitoring is necessary to stay alert to new threats and to be able to maintain the system's compliant baseline. ISSOs usually make use of detection tools, change management procedures and syslogs for monitoring and preventing any unauthorized changes (Taylor, 2013). By having a process that continuously checks the information system, the ISSO can easily flag any configuration compromises or changes that can negatively affect the system.
Applying the Risk Management Framework to federal information systems through the FISMA process
In recent times, most intelligence community organizations have migrated to NIST 800-53 because their security controls have modified their Risk Management Framework according to the structure based on SP 800-37. The necessary framework steps found in SP 800-37 include: assess security controls, select security controls, monitor security state, implement security controls, authorize information system, and categorize information system (Taylor, 2013). Phase two of the FISMA Implementation Project came up with NIST documentation that significantly supports the Risk Management Framework.
References
Taylor, L. P. (2013). FISMA compliance handbook. Waltham, MA: Syngress.
Gantz, S. D., & Philpott, D. R. (2013). FISMA and the risk management framework [electronic resource]: The new practice of federal cybersecurity. United States: Syngress.
Patterson, I., Patterson, I., Gingrich, N., Nazario-Negron, J., & National Institute of Standards and Technology (U.S.). (2018). NIST technology transfer interactions: the Fiscal year 2010 through the fiscal year 2014.
Kott, A., & Linkov, I. (2018). The cyber resilience of systems and networks. Cham: Springer.
Bourne, K. C. (2014). Application administrators handbook: Installing, updating and troubleshooting software.
Johnson, L. (2015). Security controls evaluation, testing, and assessment handbook.