FISMA - Federal Information Security Management Act
While Federal security managers and systems owners may have different opinions about the impact of FISMA, they all agree on one point: FISMA has created a substantial new workload.

In addition to their on-going program management tasks, Government managers and systems owners are now facing increased demands to develop, manage, and update additional sets of documents and reports in response to an evolving set of FISMA-related demands.

A growing number of agencies have turned to IMSG to help them tackle the paperwork burden associated with FISMA compliance. As a direct result of IMSG's support, managers from each of these Federal agencies have reported that they received the highest grades on internal and external security reviews and audits.

IMSG provides the services of staff members who are experienced in both security management and compliance documentation. We equip our customers with a tool-enabled process that substantially reduces the paperwork burden. Our commitment is to enable security managers and system owners to reduce their time spent on compliance paperwork.

Our methods also enable managers to take a holistic approach, and tie together FISMA security compliance documentation with the Exhibit 300 and other Capital Planning and Investment Control (CPIC) reporting requirements. In this way, our customers are able to connect their security management requirements to their IT budgeting processes.

FISMA requires annual reporting, and our tool-enabled method establishes a baseline that enables agencies to show improvements in security profiles over time. We provide staff members with expertise in all areas of security management, including:

Risk Assessments
Security Plan Development and Updates
System Test and Evaluations
C&A Package Development
FISMA Compliance

Point of Contact:   Bob Fritschie, fritschier@imsg.com, (937) 427-9010