Federal Information Security Management Act and its harmonization with ISO/IEC 27001

Zygma is at the leading edge of FISMA & ISMS harmonization, if not defining the leading edge itself. 

We have a number of activities under way in this domain at the moment and will be updating this page in the near future. For the moment, we give you just an overview here.

We have written a number of papers and given presentations on the subject of FISMA & ISMS harmonization.  You can read those here: Zygma's original paper on FISMA/ISMS alignment (harmonization), and a later paper presented at the CISSE conference in 2007 (with the slides available here).

We have also prepared, under contract to the Federal Public Key Infrastructure (FPKI) Policy Authority, extensive mappings between two principal FISMA-supporting documents: OMB A-130 Appendix III against ISO/IEC 27002:2005 and NIST Special Publication 800-53 against ISO/IEC 27001:2005.

The latter mapping addresses not only the ISMS Controls, as defined in '27001 Annex A and supported with implementation 'best practice' guidance in '27002, but also the complete process-related requirements from '27001, as set out in its §4 to §8 inclusive. It is anticipated, but yet to be confirmed, that NIST will be including this mapping in its Revision 3 of Special Publication 800-53, scheduled to be published 2008-12.

In the meantime, these mappings are being put to use in an ISMS which Zygma is helping develop for the FPKI Management Authority (formerly the Operational Authority). And whilst these mappings are not yet in the public domain, we are able to assist our clients in benefiting from them by making them available under a contracted NDA.

Zygma is presently continuing with its FISMA / ISMS harmonization as applied research, so come back for an update from time to time - we expect to have some further interesting news by end of 2008-05.

We thank you for your interest.


© 2008 the Zygma partnership LLC