Templates
Information Security
FISMA Compliance Checklist
📋

FISMA Compliance Checklist

1
Identify and classify information systems
2
Create a system security plan
3
Identify, assess and prioritize risks
4
Design and implement necessary security controls
5
Document security controls
6
Approval: Security Control Documentation
7
Test and evaluate security control effectiveness
8
Develop plan to remediate identified weaknesses
9
Implement remediation plan
10
Re-test remediated controls
11
Approval: Remediation Effectiveness
12
Develop continuous monitoring strategy
13
Implement continuous monitoring strategy
14
Review and update security plans and control documentation
15
Approval: Management Review
16
Prepare for external audits
17
Participate in external audits
18
Address audit findings
19
Revise procedures as necessary based on audit findings
20
Approval: Revised Procedures