What is FISMA and DoD Directive 8500.1?

FISMA mandates:

• Annual Training for all personnel (government & contractors)
• Intrusion detection and response
• Information security throughout each program life cycle

C&A Testing

Department of Defense (DoD) Directive 8500.1 requires all DoD information systems to maintain an appropriate level of confidentiality, integrity, authentication, non-repudiation, and availability that reflects a balance among:

• Importance and sensitivity of information and assets
• Importance and sensitivity of threats and vulnerabilities
• Trustworthiness of users and interconnecting systems
• Impact of impairment or destruction to the DoD system
• Cost effectiveness COMPUSEC
• Personnel Security