Category Archives: NIST-FISMA compliance

ISO 27002 Compliance, NIST-FISMA compliance, Risk Assessment Policy

A Security Policy Framework for IT Risk Assessments

Posted on by David Lineman

The completion of an information security risk assessment is a key requirement in all information security frameworks, including ISO 27002, NIST 800:53, HIPAA and PCI-DSS.  A recent analysis of regulatory enforcement under HIPAA identifies risk assessment as a key area of weakness. While risk assessments are required, the specifics for how to perform a risk […]

Continue reading
Information Security Policies, NIST-FISMA compliance

Information Security Policies According to NIST

Posted on by David Lineman

Five Best Practices from NIST 800-53 In April 2013, NIST made the final updates to their complete catalog of information security requirements, Special Publication 800-53 Revision 4 – Security and Privacy Controls for Federal Information Systems and Organizations.  The catalog is BIG – it contains hundreds of information security and data privacy requirements organized into […]

Continue reading