ppn…aids
Federal, state and local government agencies and private industry with
FISMA and privacy compliance!
The Federal Information Security Management Act (FISMA) requires all
Federal agencies to provide for the security of sensitive and
confidential information, defined as "Protected Information".
Compliance with the act is monitored by the Office of Management and
Budget (OMB) and other agencies. Many of the FISMA requirements are
defined in OMB Circular No. A-130, which addresses the need for
encryption and the secure transfer of electronic information between
parties.
“(c) Limit the sharing of information that identifies individuals or
contains proprietary information to that which is legally authorized,
and impose appropriate conditions on use where a continuing obligation
to ensure the confidentiality of the information exists;”
OMB Circular No. A-130, Revised, Section 8.
“(iii) Establish a level of security for all information systems that
is commensurate to the risk and magnitude of the harm resulting from
the loss, misuse, unauthorized access to, or modification of the
information stored or flowing through these systems.”
OMB Circular No. A-130, Revised, Section 8.
Parties are defined to include non-Federal agencies such as
contractors, vendors, state and local governmental agencies and
others. Furthermore, it is the stated opinion of OMB that FISMA's
requirements for the cyber-security of protected information apply to
all State governmental agencies and all private businesses and
organizations which have access to any protected information maintained
by the Federal government or who provide protected information to the
Federal government.
…because FISMA applies to both information and information systems
used by the agency, contractors, and other organizations and sources,
it has somewhat broader applicability than that of prior security law.
That is, agency IT security programs apply to all organizations
(sources) which possess or use Federal information – or which operate,
use, or have access to Federal information systems – on behalf of a
Federal agency. Such other organizations may include contractors,
grantees, state and local governments, industry partners, etc. FISMA
therefore underscores longstanding OMB policy concerning sharing
government information and interconnecting systems, i.e., Federal
security requirements continue to apply and the agency is responsible
for ensuring appropriate security controls (see OMB Circular No. A-130,
Appendix III).
Source: OMB Memorandum M-03-19, Attachment A. Underline added.
For details on implementation of FISMA and its application
to state and local governments and private industry see OMB
Memorandum
The secure transfer of data files between authorized parties is an
integral part of compliance with FISMA. ppn provides every Federal
agency, state and local agency, and private business and organization
with the capability to transfer and share protected information
between authorized parties securely, in encrypted format, in full
compliance with FISMA and privacy requirements.