The Federal Information Security Management Act (FISMA) is a United States federal law passed in 2002 that requires companies to establish protection plans for secure information and data. FISMA is part of the larger E-Government Act of 2002 designed to monitor and improve sensitive information managed by electronic government services and organizations.

The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for its information systems and data within to support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.

With a strong foundation in Security Assessment & Authorization and Risk Management, CSI offers Assessment & Authorization methodologies to strengthen your security posture while ensuring you’re compliant.

Given the very real and present nature of cybersecurity threats, organizations must consistently maintain heightened security awareness to protect their critical information and assets.

CSI has highly skilled and experienced Information Systems Security Officers (ISSOs) available to provide support to organizations. CSI ISSOs have the technical expertise as well as the FISMA compliance expertise to successfully take a new system from Step 1 of the Risk Management Framework (RMF) to Step 6 of the RMF while ensuring that maintains a security posture that is acceptable by the organization. Our ISSOs have over 10 years experience providing ISSO duties such as:

Cyber Security Innovations focuses on providing quality penetration testing services to federal and commercial customers. During the penetration testing stage, our experienced consultants provide ongoing updates to allow the costumer time to remediate findings while the assessment is in progress. Having assisted many companies through their first penetration testing experience, CSI provides comprehensive, understandable reports, and our consultants are available to discuss in depth and provide remediation advice.

We are widely recognized for our cloud security services that includes a leading FedRAMP Advisory Service offering. Our team guides our clients through every step, from leveraging our proven methodology assessing cloud service providers (CSPs), supporting cloud PMOs in Federal Agencies, to developing system security plan documentation and performing readiness reviews.

We will provide training to your staff, regardless of the size, at your desired location. We believe you are never too small to implement security awareness & training in your organization, as this is beneficial to you and your customers. Our training packages include information on regulatory requirements (FISMA, HIPPA, SOX, GLBA, etc.) to ensure your business has an adequate internal control framework in place. Our training focuses on, but is not limited to the following areas:

Training is available in Spanish. Contact us for more information on CSI’s training packages.