The internal C&A team is responsible for describing the types of vulnerability and associated mitigation reports for the government agency. The team is also responsible for producing the reports and ensuring that they meet FISMA security risk assessment guidelines. The reports should show the status and corrective actions for the vulnerabilities.
Describe the FISMA guidelines for reporting vulnerabilities and mitigations. Also, describe how the organization will provide regular reporting of significant information systems (IS) threats and vulnerability trend information, and corrected versus still-active vulnerabilities.
The overall objective for this discussion question will be to explain the following:
- Discuss FISMA guidelines and requirements for addressing currently held threats, vulnerabilities, and risks by using some of the following concepts in the discussion:
- Describe examples of security trend information to include the changing levels of threats and vulnerabilities.
- Explain how your team will develop and provide reports listing corrected versus still-active vulnerabilities and the types of vulnerabilities being identified in the report.
After completing the post of your main discussion question response, assess the responses of others and provide an assessment of 2 other students’ posts in the area of trend information and active vulnerabilities. Use the following questions as a guide:
- Were there new trends or vulnerabilities presented by your classmates that you did not find in your research?
- What were the criticalities of those findings?
- Upon assessing the posts of others, did they provide input very similar to the threats, trends, and vulnerabilities that you described?
Please use APA for any references used in your research of these topics.
You will be graded on the quality of your postings.
Due By (Pacific Time): 05/05/2015 06:00 pm