The Federal Information Security Management Act (FISMA) was created in 2002 to set out US federal agencies’ responsibilities in reducing information security risks. In addition to the US federal agencies and state agencies administering federal programs, the Act and resulting NIST standards also apply to private sector organizations that have contractual relationships with them.

These 40,000-plus private organizations must comply with FISMA and the standards developed by NIST (National Institute of Standards and Technology), which also provides guidance on how to implement them. Reporting requirements are strictly monitored by the OMB (Office of Management and Budget) to ensure compliance.

The US Congress publishes FISMA results annually, meaning that one of the biggest penalties of non-compliance for commercial organizations is reputational damage. CIOs can be called to Capitol Hill on account of their agencies’ low FISMA score, and agency budgets can be threatened with cuts if scores don’t improve.

Our accurate auditing software adheres to the NIST standards, helping organizations that work with federal organizations achieve compliance quickly and easily.

Download your free trial and put Titania to the test

Accurate vulnerability audits to manage risk better.

Our accuracy lets you reduce false positives and negatives whilst providing detailed configuration audits of firewalls, switches and routers. You can strengthen and secure your vital network devices.

Intelligently validate your security and compliance.

Paws accurately analyses the build configurations of your workstations, laptops and servers against your industry standards to help you evidence compliance, prioritize fixes and secure your devices.
