Federal Information Security Modernization Act (FISMA) compliance is complex, resource-intensive, moderately expensive and challenging. Tackling the five (5) major sections of the legislation and the eight components of the agency program begins with an understanding of FISMA that is best communicated using this chart.

This chart graphically communicates the major sections of Title III, E-Government Act requirements imposed by the Office of Management and Budget (OMB) and what an auditor (OIG, OMB, GAO, 3rd Party) is expected to examine during an assessment. An Agency or Commercial organization should use this chart to educate stakeholders on FISMA compliance and also to identify a specific weakness in the Enterprise Security Program or system.

Additional uses for this chart include:

  • Developing Enterprise Policies and Standards
  • Defining Roles and Responsibilities
  • Developing a Project Management Plan
  • Cost Projections of FISMA Projects
  • Human Resources – Conducting Resume Reviews and Candidate Interviews