Announcements

• FNR sponsors Email Authentication and DNSSEC Training Workshops for federal employees.
• 2011 Federal Cybersecurity Conference and Workshop review materials have been published to OMB Max.
• The White House has released a Cybersecurity Legislative Proposal Fact Sheet.
• The National Security Agency (NSA) has published best practices for securing a home network. (PDF, 8 pages - 488 KB)

Resources

Final FY12 FISMA Reporting Metrics

• FY12 Chief Information Officer FISMA Reporting Metrics (PDF, 70 pages – 644 KB)
• FY12 Q2 Chief Information Officer FISMA Reporting Metrics (PDF, 2 pages -70 KB)
• FY12 Senior Agency Official for Privacy FISMA Reporting Metrics (PDF, 1 page - 88 KB)
• FY12 Q2 Senior Agency Official for Privacy FISMA Reporting Metrics (PDF, 1 page - 36 KB)
• FY12 Micro Agency FISMA Reporting Metrics (PDF, 10 pages - 174 KB
• FY12 Inspector General FISMA Reporting Metrics (PDF, 17 pages, 241 KB)

Security Management Maturity Questionnaire (SMMQ) - a tool for federal departments and agencies to use in assessing the implementation of important security program management practices in an organization.

• SMMQ Administrators Guide (PDF, 14 pages - 1.05 MB)
• SMMQ v1 (PDF, 26 pages - 2.38 MB)
• SMMQ Scoresheet (XLS, 4 pages - 800 KB)

Continuous Asset Evaluation, Situational Awareness and Risk Scoring reference architecture (CAESARS) - a solution for making assessments on a continuous or nearly continuous basis, which is a prerequisite for moving IT security management from isolated assessments that support infrequent authorization decisions to continuous risk management. The CAESARS approach provides a means of monitoring the security controls in place and for focusing staff efforts on those controls most likely to enhance the agency’s information security posture.