FISMA: Achieving and Maintaining Compliance to Ensure Security of Systems and Data

This paper is intended to show how Tripwire Enterprise can continue to help federal agencies, as well as the organizations that store, process or transmit federal information, and the contractors that do business with the federal government, by providing an automated method for meeting many of the most critical regulatory IT security standards of FISMA compliance. This paper contains case studies from three fictional federal agencies, each capturing the perspective of a key stakeholder in the FISMA compliance process. The case studies highlight how a CIO, Information Systems Owner and Authorizing Officer approach and manage the internal issues of demonstrating FISMA compliance, and how they meet many of those challenges with Tripwire configuration audit and control solutions.