{"id":2788,"date":"2010-08-10T11:13:50","date_gmt":"2010-08-10T10:13:50","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2788"},"modified":"2015-09-09T19:37:26","modified_gmt":"2015-09-09T11:37:26","slug":"openfisma-fisma-compliance-risk-management-application","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2010\/08\/openfisma-fisma-compliance-risk-management-application\/","title":{"rendered":"OpenFISMA – FISMA Compliance & Risk Management Application"},"content":{"rendered":"
The OpenFISMA project is an open source application designed to reduce the complexity and automate the regulatory requirements of the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).<\/p>\n
OpenFISMA is built on a modern, standardized platform called Zend Framework, which is an open source, object-oriented web application framework with a flexible architecture.<\/p>\n
The OpenFISMA project is unique in several ways.<\/p>\n
Features<\/strong><\/p>\n
OpenFISMA provides a proven business process for tracking the remediation of security weaknesses. This business process enforces quality controls and segregation of duty, pulling together individuals from different areas of the organization to plan, execute, and review all remediation actions.<\/li>\n
Access control is based on roles; each role has fine-grained access to certain privileges on each information system that is being tracked. The roles are completely customizable.<\/li>\n
Authentication in OpenFISMA can be handled by any LDAP-compatible service, such as Microsoft Active Directory (AD) or OpenLDAP, in order to provide single sign-on convenience for your agency’s users.<\/li>\n\n