Security Program Reviews

GTA has adopted the security requirements created by the Federal Information Security Management Act (FISMA) of 2002 and the FISMA Implementation Project conducted by NIST. GTA's policies and standards were developed in accordance with FISMA, and OIS conducts program reviews to help agencies identify and remediate deficiencies. These reviews are based on federal guidance from Program Review for Information Security Management Assistance (PRISMA). The reviews are focused on the agency's security management and operational processes based on requirements established by statewide security policies, the Federal Information Security Management Act (FISMA), and the National Institute of Standards and Technology (NIST) Computer Security Division.

The ultimate goal of these reviews is to assist agencies in:

Building robust information security and risk management programs
Preparing for future reporting and audit requirements
Responding to audit or assessment findings

Templates

Georgia System Security Plan Template (DOC, 389.91 KB)

Georgia agencies are required to identify each information system that contains, processes, and transmits state data and information and prepare and implement a plan for the security and privacy of these systems.
NIST 800-53 Revision 4 High Impact Controls Worksheet (XLS, 24.67 KB)
NIST 800-53 Revision 4 Low Impact Controls Worksheet (XLS, 20.66 KB)
NIST 800-53 Revision 4 Moderate Impact Controls Worksheet (XLS, 23.81 KB)

Security Program Reviews

Templates

Did you find what you were looking for on this page?

Call Us

Send a Message

Visit

Hours