Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security is not just… 1 A Compliance Exercise Certification and Accreditation FISMA.

Published byCatherine Warner Modified over 8 years ago

Similar presentations

Presentation on theme: "Security is not just… 1 A Compliance Exercise Certification and Accreditation FISMA."— Presentation transcript:

1

2 Security is not just… 1 A Compliance Exercise Certification and Accreditation FISMA

3 What is Security? 2 Security Architecture & Models Cryptography Security Management Access Controls & Methodology Laws, Investigations, & Ethics Applications & Systems Development Physical Security Operations Security Telecommunications & Networking Security Business Continuity Planning

4 What is Enterprise Security Architecture? 3 Enterprise Security Architecture is… …the strategic focus that enables the organization to carry out its mission in a secure manner What Drives Security Architecture? FISMA OMB A-130; Appendix III NIST Organization Policies and Procedures

5 Minimum Enterprise Security Architecture 4 All agencies must create a Security and Privacy Profile (SPP) that addresses, per OMB A-130; Appendix III: Encryption Malware Access Controls Identification & Authentication Audit Trail Creation & Analysis Intrusion Detection & Prevention Fraud Detection, Prevention, & Mitigation

6 Enterprise Security Architecture Answers… 5 The OMB SPP Helps Organize… Is the existing security program effective? Is risk being managed effectively? Are there any new laws or policies that need to be implemented? Planning Efforts for Future Requirements Current Requirements Capabilities Gap Analysis Efforts

7 Key EA Security Goals 7 EA Security Requirements Confidentiality Integrity Availability Enable advanced IT security capabilities Developed an IT security empowered workforce Improve IT security situational awareness Provide DOT-wide IT security services

8 Where Do These Efforts Fit Within the EA Framework? 8

9 Priorities For Addressing Integration of EA & Security 10 Streamline communication between Business Owners, ISSO’s, and Information Security Office Implement metrics that will effectively analyze the performance of security within DOT Information Systems EA Team Members must participate within Information Security working groups and Vice Versa Coordinate with Business Owners and the Information Security Office to develop the Trust Model Architecture

10 QUESTIONS

Download ppt "Security is not just… 1 A Compliance Exercise Certification and Accreditation FISMA."

Similar presentations

Nishidh, CISSP. To comply with Sarbanes oxley and other legislations To comply with industry standards and business partner requirements To protect.

Nishidh, CISSP. To comply with Sarbanes oxley and other legislations To comply with industry standards and business partner requirements To protect.
SHIFTING INFORMATION SECURITY LANDSCAPE FROM C&AS TO CONTINUOUS MONITORING ANDREW PATCHAN JD, CISA ASSOCIATE IG FOR IT, FRB LOUIS C. KING, CPA, CISA, CMA,

SHIFTING INFORMATION SECURITY LANDSCAPE FROM C&AS TO CONTINUOUS MONITORING ANDREW PATCHAN JD, CISA ASSOCIATE IG FOR IT, FRB LOUIS C. KING, CPA, CISA, CMA,
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
BENEFITS OF SUCCESSFUL IT MODERNIZATION

BENEFITS OF SUCCESSFUL IT MODERNIZATION
Protection of Information Assets I. Joko Dewanto 1.

Protection of Information Assets I. Joko Dewanto 1.
Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)

Nick Vennaro, NHIN Team (Contractor), Office of the National Coordinator for Health IT Michael Torppey, CONNECT Health IT Security Specialist (Contractor)
The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,

The importance of a Compliance program is to ensure that our agency meets the highest possible standards for all relevant federal, state and local regulations,
NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.

NIH Security, FISMA and EPLC Lots of Updates! Where do we start? Kay Coupe NIH FISMA Program Coordinator Office of the Chief Information Officer Project.
BNSF Ethics and Compliance Program Roger Nober Executive Vice President Law and Secretary July 13, 2011.

BNSF Ethics and Compliance Program Roger Nober Executive Vice President Law and Secretary July 13, 2011.
Agenda COBIT 5 Product Family Information Security COBIT 5 content

Agenda COBIT 5 Product Family Information Security COBIT 5 content
NCI Enterprise Security Program

NCI Enterprise Security Program
Security Controls – What Works

Security Controls – What Works
NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.

NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.
Building a Successful Security Infrastructure

Building a Successful Security Infrastructure
Overarching Roles of Critical Partners In A Project 9:30 – 10:00 Rob Curlee, FMO Joseph Dominque, OCISO Mike Perry, EA.

Overarching Roles of Critical Partners In A Project 9:30 – 10:00 Rob Curlee, FMO Joseph Dominque, OCISO Mike Perry, EA.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Information Systems Security Officer

Information Systems Security Officer
Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.

Information Security Governance and Risk Chapter 2 Part 1 Pages 21 to 69.
TIPHON IP Telephony Implementation Association TIPIA Overview Ayse Dilber, Michael Blaschitz TIPIA Vice-Chair, TIPIA Chair

TIPHON IP Telephony Implementation Association TIPIA Overview Ayse Dilber, Michael Blaschitz TIPIA Vice-Chair, TIPIA Chair
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Similar presentations

Ads by Google