Accreditation of Commercial Software, Myths and Methods

Published on 20 Jun 2019, 20:55
Software developers wishing to offer their commercial products to the U.S. Government face a dizzying array of compliance programs. Understanding FISMA, FedRAMP, DoD SRG, ICD-503, CJIS, and even HIPAA is critical to delivering value to the mission, and the applicable programs depend on the specific workload and the customer. This session will demystify compliance, starting with the foundation of "NIST 800-53", and help a solution provider understand the range of requirements from the "NIST Cybersecurity Framework" to "NIST 800-171", and who is responsible for providing the body of evidence and achieving accreditations.