Author : nist
Publisher :
ISBN 13 : 9781494786731
Total Pages : 74 pages
Book Rating : 4.7/5 (867 download)
Book Synopsis Integrating IT Security Into the Capital Planning and Investment Control Process by : nist
Download or read book Integrating IT Security Into the Capital Planning and Investment Control Process written by nist and published by . This book was released on 2013-12-23 with total page 74 pages. Available in PDF, EPUB and Kindle. Book excerpt: Traditionally, information technology (IT) security and capitalplanning and investment control (CPIC) processes have been performed independently by security and capital planning practitioners. However, the Federal Information Security Management Act (FISMA) of 2002 and other existing federal regulations charge agencies with integrating the two activities. In addition, with increased competition for limited federal budgets and resources, agencies must ensure that available funding is applied towards the agencies' highest priority IT security investments. Applying funding towards high-priority security investments supports the objective of maintaining appropriate security controls, both at the enterprise-wide and system level, commensurate with levels of risk and data sensitivity. This special publication (SP) introduces common criteria against which agencies can prioritize security activities to ensure that corrective actions identifiedin the annual FISMA reporting process are incorporated into the capital planning process to deliver maximum security in a cost-effective manner.