Information Security Master Essay Example | Topics and Well Written Essays - 10500 words

Information Security Master - Essay Example IT security policies in the private sector are also reviewed. In part II (3.0 -- 3.7) we shall focus attention on plans and efforts to implement the Federal Information Security Management Act (FISMA) by the computer security division of NIST. NIST has created what it describes as the "FISMA Implementation Project" which NIST has broken down into three phases. Phase I discusses security standards and Guidelines, Phase II delves into organizational accreditation program while phase III is called the Security Tool Validation Program. We review too Department of Defense (DoD) security certification and accreditation (DITSCAP) program. We take a look too at funding sources for implementing FISMA and how the private sectors are reacting to FISMA. Part III of this thesis (4.0 - 5.0) takes a deep look at the impact of FISMA in federal government agencies and departments and compliance efforts. We examine a few case studies and then move on to look at the private sector compliance initiatives, including software produced by the private sector software industry to help government agencies and departments achieve compliance easily We link how the various policies, circulars and presidential executive orders shaped management of information and information systems in the federal government. Our methodology is to link how the various policies, circulars and presidential executive orders shaped management of information and information systems in the federal government. We analyze the US Government Accounting Office (GAO, 2006) report and the House 'FISMA Report Card' (Federal Computer Security Grades: 2001 -2005) In the Thesis conclusion we show that FISMA has infact reduced the risk, albeit slowly, to information security in Federal