HOT TOPICS >> Cloud computing | Cybersecurity | Gov 2.0 | Fiscal 2012 | Mobile | Transparency | GAO reports
AGENCY NEWS >> Defense | NASA | Homeland Security | NIST | OMB | Veterans Affairs | NARA | GSA
Latest News
Media Partner
Free Newsletter
FierceGovernmentIT tracks the latest technological developments in the U.S. government. Join more than 17,000 federal/state decision makers and IT executives who get FierceGovernmentIT via email. Sign up today!
About | View Sample | Privacy
Whitepapers
- IMPROVING THE MANAGEMENT OF FEDERAL GOVERNMENT IT ASSETS THROUGH BETTER COMMUNICATION WITH THE IT INDUSTRY
- The Top 4 Reasons Your Telecom Expense Management Provider Shouldn't Manage Your Wireless
- Cloud Computing: Threat or opportunity for VARs and MSPs? Special focus on cloud collaboration and messaging
- The E-discovery Toolbox: What you should look for in a unified e-discovery solution
- Inside the Federal Cloud: Master the Challenges, Seizing the Opportunities
- Virtual Game Changer
NASA moves away from C&A on IT systems
Certification and accreditation--a backbone requirement of the Federal Information Security Management Act--is no longer a strict requirement at NASA, according to a memo from Jerry Davis, the agency's deputy chief information officer for IT security.
New FISMA guidance (.pdf) from the Office of Management and Budget clearly shifts cybersecurity priorities "away form cumbersome and expensive C&A paperwork processes, in favor of a value-driven, risk-based approach to system security," Davis wrote.
To that end, system administrators in charge of existing systems will not have to recertify their systems this fiscal year, unless an authorizing official requests it. "However, these processes have proven largely ineffective and do not ensure a system's security or a true understanding of the system's risk posture," the memo states.
All new systems must still go through the NASA C&A process, the memo states, "Until a more effective security authorization process is established."
For more:
- see the NASA memo (.pdf)
- read this Nextgov story
- see OMB's fiscal 2010 FISMA guidance (.pdf)
Related Articles:
OMB gives DHS new powers under revised FISMA guidance
Federal cybersecurity staff less confident than bosses about cyber defense
FISMA blasted at House hearing
SHARE WITH:
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map
| EditorsTHE FIERCEMARKETS NETWORKFierceEnergy | FierceSmartGrid | FierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceEMR | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceGovernment | FierceHomelandSecurity | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceEnterpriseCommunications | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2011 FierceMarkets. All rights reserved. |
 |
