FISMA Compliance
Adopt best practices to improve accountability and communication


FISMA Compliance Solution

The Federal Information Security Management Act (FISMA) requires federal agencies to develop and continuously review their information security program based on security standards developed by the National Institute of Standards and Technology (NIST).

Benefits of MetricStream IT GRC Solution for FISMA compliance

  • Manages an inventory of information systems including computers, software, data, interfaces, servers, networks, tools, people, business processes, and buildings, as well as information systems operated by third parties
  • Categorizes information and information systems according to risk levels (low, moderate, or high) as per Federal Information Processing Standards (FIPS) 199
  • Helps establish security controls as per NIST 800-53 requirements
  • Assesses and helps manage information system risks
  • Helps achieve system certification and accreditation
  • Enables FISMA audits to ensure compliance