Educause Security Discussion mailing list archives
Re: New VA FISMA Requirements for PIs in Research Institutions
From: Jill B Gemmill <JGemmill () UAB EDU>
Date: Tue, 13 Mar 2007 10:45:49 -0500
FISMA is a procedural framework in which NIST 800-53 Security Controls are applied. http://csrc.nist.gov/publications/nistpubs/800-53/SP800-53.pdf UAB has done some similar assessments for NIH Human Subject Contracts - investigators have expected us to supply some template language to plug in to their grants, while the actual requirements call for detailed description of the data flow, state of information at each point in the flow, and all applicable management, technical, and physical controls. ------------------------------------- Jill Gemmill, PhD University of Alabama at Birmingham | Data Security 205-975-2850 | jgemmill () uab edu From: Ronnie Jefferson [mailto:RONNIE.JEFFERSON () HAMPTONU EDU] Sent: Monday, March 12, 2007 3:48 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] New VA FISMA Requirements for PIs in Research Institutions Thanks Connie....this is very helpful!! Ronnie Ronnie Jefferson Director Data Conversion & Management Lab Hampton University Hampton, Va 23668 (757) 727-5928 (757) 728-6807 This message contains information which may be confidential and privileged. Unless you are the addressee (or authorized to receive for the addressee), you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail and delete all copies of the message. ________________________________ From: Sadler, Connie [mailto:Connie_Sadler () BROWN EDU] Sent: Monday, March 12, 2007 4:31 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] New VA FISMA Requirements for PIs in Research Institutions For those of you who do research with the Veterans Administration, have any of you been able to gather specific requirements for the very recent requirements to comply with FISMA? As some of you may know, we have been given requirements, and not much time to become compliant! I have some reference documents: http://www.research.va.gov/resources/policies/docs/PI-Certification.pdf and http://csrc.nist.gov/policies/FISMA-final.pdf, and http://csrc.nist.gov/publications/nistpubs/800-37/SP800-37-final.pdf. If some of you are interested, this might be something that we could organize an audio telecon around. Connie J. Sadler, CM, CISSP, CISM, GIAC GSLC IT Security Officer, Brown University Campus Box 1885, Providence, RI 02912 Connie_Sadler () Brown edu <mailto:Connie_Sadler () Brown edu> , Office: 401-863-7266 PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB <http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x91E38EFB> PGP Fingerprint: DA5F ED84 06D7 1635 4BC7 560D 9A07 80BA 91E3 8EFB ________________________________ The information contained in this message is intended only for the recipient, and may otherwise be privileged and confidential. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, please be aware that any dissemination or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify us by replying to the message and deleting it from your computer. This footnote also confirms that this email has been scanned for all viruses by the Hampton University's Center for Information Technology Enterprise Systems service.
Current thread:
- New VA FISMA Requirements for PIs in Research Institutions Sadler, Connie (Mar 12)
- <Possible follow-ups>
- Re: New VA FISMA Requirements for PIs in Research Institutions Ronnie Jefferson (Mar 12)
- Re: New VA FISMA Requirements for PIs in Research Institutions Charlie D. Kutil (Mar 12)
- Re: New VA FISMA Requirements for PIs in Research Institutions St Clair, Jim (Mar 13)
- Re: New VA FISMA Requirements for PIs in Research Institutions Jill B Gemmill (Mar 13)
- Re: New VA FISMA Requirements for PIs in Research Institutions Friedmann, Esther (Mar 13)