NIST and FISMA: A Comprehensive Analysis of the Relationship

Added on  2023/01/23

AI Summary
This report delves into the relationship between the National Institute of Standards and Technology (NIST) and the Federal Information Security Management Act (FISMA). It explains how NIST provides guidelines and standards to support FISMA's goals of protecting federal information and systems. The report explores how FISMA mandates security measures and establishes a framework for agencies to manage information security risks, while NIST provides the specific technical standards and best practices to achieve these goals. It highlights the importance of both for cybersecurity, detailing how they work together to ensure the integrity, confidentiality, and availability of data. The report references key publications and research to illustrate the practical application of these standards, emphasizing their role in reducing cyber threats and improving data security within government agencies. The report also emphasizes the importance of NIST and FISMA in developing and implementing cybersecurity policies and protecting sensitive information.
Relationship between NIST and FISMA
NIST and FISMA
FISMA AND NIST
FISMA stands for the Federal Information Security Modernization Act, which is
United States legislation developed for protecting information and data. It is an
advanced version of the federal information security act signed into law by President
George in the year 2002. NIST refers to the National Institute of Standards and
Technology, which works to reduce security issues and improve the privacy of
government information (Compliance Point, 2018). Mainly, NIST puts forth a wide
range of publications. Moreover, NIST produces standards and guidelines in order to
help federal agencies, and it also assists those agencies in protecting their data and
information through effective programmes.
Relationship between FISMA and NIST
Federal information systems need government communities in order to design
and implement information security processes for controlling and managing
security issues and data breaches. The National Institute of Standards and
Technology is a non-regulatory community that has issued particular guidance for
complying with the acts produced by FISMA. It is directly linked to FISMA because
both these communities provide a platform for controlling security-related issues
(Foresite, 2016). Both FISMA and NIST are used for implementing a risk management
policy and also ensure the integrity, availability and confidentiality of
information. The FISMA act involves a system security plan and techniques for
improving the security of computer devices, and NIST also includes strategies and
tools that help consumers and companies reduce the rate of cyber-attacks or
security threats.
FISMA needs each and every federal community to develop and implement an
agency-wide cybersecurity plan, and NIST designs and implements federal
information standards which divide kinds of information and processes for
protecting computer devices. It was recently identified that NIST is also
responsible for reviewing and vetting the FISMA security and privacy standards for
identifying the risk factors linked with computer networks and security systems
(Keblawi & Sullivan, 2016). The key purpose of both the NIST and FISMA acts is to
analyse the fundamental security issues associated with information technology and
to provide several strategies and approaches to consumers for improving the
security of data.
The NIST communities identify the impact of federal requirements and analyse
the security programmes developed by FISMA for monitoring security threats. NIST
suggested that lack of security and use of unauthentic servers are very common factors
that increase the rate of cyber-crimes and hacking, while FISMA suggested that
consumers use unwanted links and less secure systems, which lead to cyber-attacks
(Gikas, 2010). Therefore, both FISMA and NIST communities are designed for improving
the security of the company's data and personal details. In other words, the FISMA and
NIST acts are available for developing and implementing cybersecurity policies towards
an organization’s security and private details.
References
Compliance Point (2018). FISMA & NIST Standards. Retrieved from:
https://www.compliancepoint.com/fisma-and-nist-standards
Foresite (2016). How does FISMA relate to NIST? Retrieved from:
https://foresite.com/question-prospect-fisma-relate-nist/
Gikas, C. (2010). A General Comparison of FISMA, HIPAA, ISO 27000 and PCI-DSS
Standards. Information Security Journal: A Global Perspective, 19(3), 132-141.
Keblawi, F., & Sullivan, D. (2016). The case for flexible NIST security
standards. Computer, 40(6), 19-26.