Understanding the 3 FISMA Compliance Levels: Low, Moderate, and High

by Tori Thurmond / January 31, 2024

What is FISMA? The Federal Information Security Management Act (FISMA) is a piece of United States legislation, enacted as part of the Electronic Government Act of 2002. FISMA’s intent is to protect government information and assets from unauthorized access, use, disclosure, disruption, modification, or destruction of information and information systems. FISMA is the law; NIST Special Publication 800-53, Security Controls for Federal Information Systems and Organizations, is the standard that…

Read More

Why Should Your Employees Sign a Policy Acknowledgment Form?

by Tori Thurmond / January 17, 2024

What does it mean for your employees to acknowledge your employee policies and procedures? To comply with information security standards, it’s required that all employees have expressed acknowledgment of the policies in place within your organization, specifically through a policy acknowledgment form for things like your information security policies and employee handbook. Having policy acknowledgment forms is an important piece of the puzzle when it comes to policy development and…

Read More

The Ultimate Vendor Due Diligence Checklist

by Hannah Grace Holladay / February 14, 2024

Vetting and choosing vendors are some of the most important decisions you’ll make for your business, especially when it comes to information security. They could do everything from run your call center to store your data, monitor your systems, or destroy your records. Yes, you can outsource a process or a department to vendors – but you can never outsource risk. No matter the vendor, they pose some level of…

Read More