System Authorization Case Study
At the end of fiscal year 2002, the department had received a failing score in its level of compliance with Federal Information Security Management Act (FISMA) standards. The FISMA scorecard indicated that the department’s information technology security program had performed very poorly, particularly...
Main author: | |
---|---|
Format: | Book chapter |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 339 |
---|---|
container_issue | |
container_start_page | 324 |
container_title | |
container_volume | |
creator | Howard, Patrick D. |
description | At the end of fiscal year 2002, the department had received a failing score in its level of compliance with Federal Information Security Management Act (FISMA) standards. The FISMA scorecard indicated that the department’s information technology security program had performed very poorly, particularly in the area of system authorization, then referred to as certification and accreditation. Although department management had published system authorization guidance and had documented a certification and accreditation policy, neither had been effectively enforced, and less than 10% of the department’s mission-critical systems and practically none of its noncritical systems were accredited. To that point, most of the department’s certification and accreditation efforts had wisely been focused on life safety systems, which were being effectively managed; high standards for certification testing were being maintained; and effective tracking of risk mitigation was being accomplished. |
doi_str_mv | 10.1201/b12357-12 |
format | Book Chapter |
fulltext | fulltext |
identifier | ISBN: 1439820759 |
ispartof | Official (ISC)2 Guide to the CAP CBK, 2013, p.324-339 |
issn | |
language | eng |
recordid | cdi_proquest_ebookcentralchapters_981531_13_325 |
source | O'Reilly Online Learning: Academic/Public Library Edition |
subjects | Computer security |
title | System Authorization Case Study |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-03T15%3A54%3A10IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_infor&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=bookitem&rft.atitle=System%20Authorization%20Case%20Study&rft.btitle=Official%20(ISC)2%20Guide%20to%20the%20CAP%20CBK&rft.au=Howard,%20Patrick%20D.&rft.date=2013&rft.spage=324&rft.epage=339&rft.pages=324-339&rft.isbn=1439820759&rft.isbn_list=9781439820759&rft_id=info:doi/10.1201/b12357-12&rft_dat=%3Cproquest_infor%3EEBC981531_13_325%3C/proquest_infor%3E%3Curl%3E%3C/url%3E&rft.eisbn=0429103840&rft.eisbn_list=1439820767&rft.eisbn_list=9781439820766&rft.eisbn_list=9780429103841&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=EBC981531_13_325&rft_id=info:pmid/&rfr_iscdi=true |