X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 27 / 158

540 views

0 shares

0 downloads

0 comments

27 / 158

U.S. Department of Health and Human Services

With the passage of FISMA in 2002, there is no longer a statutory provision to allow for agencies to waive mandatory FIPS. The waiver provision had been included in the Computer Security Act of 1987; however, FISMA supersedes that Act. Therefore, the references to the "waiver process" contained in many of the FIPS listed below are no longer operative.

Note, however, that not all FIPS are mandatory; consult the applicability section of each FIPS for details. FIPS do not apply to national security systems (as defined in FISMA). The detailed guidance on implementing FIPS can be found on: http://csrc.nist.gov/publications/PubsSPs.html

Page 6 of 8

Information Security and the EPLC Compulsory Standards

Document info
Document views540
Page views540
Page last viewedThu Jan 19 11:46:34 UTC 2017
Pages158
Paragraphs2058
Words16945

Comments