FISMA Audit and Enterprise Risk Management

Safe. Compliant. Business.

The dramatic expansion in computer interconnectivity and the rapid increase in the use of the Internet have changed the way our government, the nation, and much of the world communicate and conduct business. However, without proper safeguards, systems are unprotected from individuals and groups with malicious intent to intrude and use the ac-cess to obtain sensitive information, commit fraud, disrupt operations, or launch attacks against other computer systems and networks.

This concern is well-founded for a number of reasons, including the dramatic increase in reports of security incidents, the ease of obtaining and using hacking tools, the steady advance in the sophisti¬cation and effectiveness of attack technology, and the dire warnings of new and more destructive at¬tacks to come. Information secu¬rity is a critical consideration for any organization that depends on information systems and computer networks to carry out its mission or business. It is especially important for government agencies where maintaining the public’s trust is essential.

The E-Government Act (Public Law 107-347) passed by the 107th Congress and signed into law by the President in December 2002 recognized the importance of information security to the economic and national security interests of the United States. Title III of the E-Gov-ernment Act, entitled the Federal Information Security Management Act (FISMA), requires each Federal Agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.

Life Information Technology provides high-technology solutions and services to Federal Agencies and commercial customers that require high quality in every aspect of a project, from planning to delivery and documentation. We also provide services for project architecture design, application design, development of specialized hardware and software, hardware installation and data center auditing.