Federal Information Processing Standards Publication Basic


Guide to Protecting the Confidentiality of Personally Identifiable Information

Author : Erika McCallister

Publisher : DIANE Publishing

Page : 59 pages

File Size : 30,44 MB

Release : 2010-09

Category : Computers

ISBN : 1437934889

Get eBook

Book Description

The escalation of security breaches involving personally identifiable information (PII) has contributed to the loss of millions of records over the past few years. Breaches involving PII are hazardous to both individuals and org. Individual harms may include identity theft, embarrassment, or blackmail. Organ. harms may include a loss of public trust, legal liability, or remediation costs. To protect the confidentiality of PII, org. should use a risk-based approach. This report provides guidelines for a risk-based approach to protecting the confidentiality of PII. The recommend. here are intended primarily for U.S. Fed. gov¿t. agencies and those who conduct business on behalf of the agencies, but other org. may find portions of the publication useful.



Federal Information System Controls Audit Manual (FISCAM)

Author : Robert F. Dacey

Publisher : DIANE Publishing

Page : 601 pages

File Size : 35,88 MB

Release : 2010-11

Category : Business & Economics

ISBN : 1437914063

Get eBook

Book Description

FISCAM presents a methodology for performing info. system (IS) control audits of governmental entities in accordance with professional standards. FISCAM is designed to be used on financial and performance audits and attestation engagements. The methodology in the FISCAM incorp. the following: (1) A top-down, risk-based approach that considers materiality and significance in determining audit procedures; (2) Evaluation of entitywide controls and their effect on audit risk; (3) Evaluation of general controls and their pervasive impact on bus. process controls; (4) Evaluation of security mgmt. at all levels; (5) Control hierarchy to evaluate IS control weaknesses; (6) Groupings of control categories consistent with the nature of the risk. Illus.







Publications

Author : United States. National Bureau of Standards

Publisher :

Page : 752 pages

File Size : 30,67 MB

Release : 1971

Category : Government publications

ISBN :

Get eBook

Book Description





Federal Register

Author :

Publisher :

Page : 2128 pages

File Size : 21,26 MB

Release : 1979-07

Category : Delegated legislation

ISBN :

Get eBook

Book Description



Guide for Developing Security Plans for Federal Information Systems

Author : U.s. Department of Commerce

Publisher : Createspace Independent Publishing Platform

Page : 50 pages

File Size : 36,91 MB

Release : 2006-02-28

Category : Computers

ISBN : 9781495447600

Get eBook

Book Description

The purpose of the system security plan is to provide an overview of the security requirements of the system and describe the controls in place or planned for meeting those requirements. The system security plan also delineates responsibilities and expected behavior of all individuals who access the system. The system security plan should be viewed as documentation of the structured process of planning adequate, cost-effective security protection for a system. It should reflect input from various managers with responsibilities concerning the system, including information owners, the system owner, and the senior agency information security officer (SAISO). Additional information may be included in the basic plan and the structure and format organized according to agency needs, so long as the major sections described in this document are adequately covered and readily identifiable.