Compliance

FISMA / NIST 800-53 / FIPS PUB 200 compliance

The Federal Information Security Management Act (FISMA) is a law stating the measures to implement in order to secure United States federal property and information. The FISMA assigned the National Institute of Standards and Technology (NIST), the responsibility of defining standards and security procedures to be respected by American governmental agencies and to reinforce the information systems security level.

These standards have been published in the Federal Information Processing Standards Publication 200 (FIPS PUB 200), and the security controls to be made have been detailed in the NIST Special Publication 800-53 document.

The security requirements defined in FIPS PUB 200 cover 17 domains:

  • Access control
  • Awareness and training
  • Audit and accountability
  • Certification, accreditation and security assessments
  • Configuration management
  • Contingency planning
  • Identification and authentication
  • Incident response
  • Maintenance
  • Media protection
  • Physical and environmental protection
  • Planning
  • Personal security
  • Risk assessment
  • System and services acquisition
  • System and communications protection
  • System and information integrity

IS Decisions proposes a range of software solutions that will allow implementation of FIPS PUB 200 and FISMA compliance:

Domain IS Decisions
Aptitude
IS Decisions
Solution
IS Decisions solution's features
Access
control
Control UserLock Identification of users connected to the environment
Session duration per user
Disconnect a user
FileAudit Identification of users accessing files or folders
Identification of the type of access required by a user
Search, report and archive user access to files or folders
Audit and
accountability
Know WinReporter Comprehensive hardware, software and system audit for Windows resources.
Report permissions applied to files, folders and shares
Report applied hotfixes
Configuration
management
Know WinReporter Comprehensive hardware, software and system audit for Windows resources.
Search, report and archive configuration settings
Report permissions applied to files, folders and shares
Report applied hotfixes
Contingency
plan
Know WinReporter Comprehensive hardware, software and system audit for Windows resources.
Search, report and archive configuration settings
Report permissions applied to files, folders and shares
Identification and authentication Control UserLock Identification of users connected to the environment
Session duration per user
Search, report and archive user connectivity
Incident
response
Know WinReporter Search, report and archive configuration settings
Act RemoteExec Corrective action execution
Settings or configuration modification
Maintenance Know WinReporter Search, report and archive configuration settings
Act RemoteExec Corrective action execution
Settings or configuration modification
System and
communications
protection
Know WinReporter Comprehensive hardware, software and system audit for Windows resources.
Search, report and archive configuration settings
Report permissions applied to files, folders and shares
Report applied hotfixes
Detection of unauthorized/illegal software
Act RemoteExec Remote installation of security hotfixes by batch
System and
information
integrity
Control UserLock Identification of users connected to the environment
Session duration per user
Disconnect or lock a user account
Computer access restriction for specific user accounts/groups
FileAudit Identification of users accessing files or folders
Search, report and archive user access to files or folders

Share this page: