Bibliothèque de L'IMIST/CNRST

The only book that instructs IT Managers to adhere to federally mandated certification and accreditation requirements. This book will explain what is meant by Certification and Accreditation and why the process is mandated by federal law. The different Certification and Accreditation laws will be cited and discussed including the three leading types of C and A: NIST, NIAP, and DITSCAP. Next, the book explains how to prepare for, perform, and document a C and A project. The next section to the book illustrates addressing security awareness, end-user rules of behavior, and incident response requirements. Once this phase of the C and A project is complete, the reader will learn to perform the security tests and evaluations, business impact assessments system risk assessments, business risk assessments, contingency plans, business impact assessments, and system security plans. Finally the reader will learn to audit their entire C and A project and correct any failures. * Focuses on federally mandated certification and accreditation requirements * Author Laura Taylor's research on Certification and Accreditation has been used by the FDIC, the FBI, and the Whitehouse * Full of vital information on compliance for both corporate and government IT Managers.

Includes index.

Description based on print version record.

Includes bibliographical references.

Cover; Contents; Foreword; Preface; Chapter 1: What Is Certification and Accreditation?; Chapter 2: Types of Certification and Accreditation; Chapter 3: Understanding the Certification and Accreditation Process; Chapter 4: Establishing a C and A Program; Chapter 5: Developing a Certification Package; Chapter 6: Preparing the Hardware and Software Inventory; Chapter 7: Determining the Certification Level; Chapter 8: Performing and Preparing the Self-Assessment; Chapter 9: Addressing Security Awareness and Training Requirements; Chapter 10: Addressing End- User Rules of Behavior.