Sample Regulatory / Standards Flow Down
You ever get stuck having to explain why FISMA and associated byproducts of it are the main drivers for your compliance requirements? This is an EXAMPLE of why:
In this example the top flow down for an agency (in this case the Internal Revenue Service) you see how the high level FISMA law produces subsequent pubs/directives/etc down to the lower level regulatory manuals of the organization that prescribe specific security requirements and settings.
In this example the top flow down for an agency (in this case the Internal Revenue Service) you see how the high level FISMA law produces subsequent pubs/directives/etc down to the lower level regulatory manuals of the organization that prescribe specific security requirements and settings.