Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Connecting the Dots

Published

Author(s)

Stephen D. Quinn

Abstract

Establishing traceability from high-level Federal Information Security Management Act (FISMA) requirements to specific mechanisms to secure hardware and software poses challenges for the government?s systems security managers. Effectively using security controls hinges on ensuring that an agency?s technology staff can properly establish and enforce their systems? security configuration settings. To make the important linkage from law and policy to the mandatory security requirements and controls described in Federal Information Processing Standard 200 and NIST Special Publication 800-53, NIST established the Information Security Automation Program (ISAP). This article describes ISAP and one of its elements, the Security Content Automation Protocol (SCAP).
Citation
FedTech Magazine

Keywords

checklist, FISMA, security controls

Citation

Quinn, S. (2007), Connecting the Dots, FedTech Magazine, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=51175 (Accessed April 21, 2024)
Created June 1, 2007, Updated February 17, 2017