About FISMA

What is FISMA?

The Federal Information Security Management Act of 2002 (commonly abbreviated to FISMA) is another name for Title III of the U.S. E-Government Act (public law 107-347). FISMA defines a framework for ensuring the effectiveness of security controls over information and information systems that support federal operations. FISMA compliance is mandatory for federal agencies, their contractors and other organizations working on behalf of federal agencies.

FISMA 2014 reform

The Federal Information Security Modernization Act of 2014, which is also known by the abbreviation FISMA, is the name of the U.S. public law 113–283. Enacted in 2014, this new legislation updates and modernizes the original FISMA law to address current security concerns. It puts special emphasis on continuous compliance, monitoring and mitigation, periodic risk assessment and evaluation of controls.

Capabilities of Netwrix Auditor

Protect federal information and simplify your next FISMA audit with Netwrix Auditor

To adequately protect federal information and satisfy FISMA reporting demands, agencies need to establish and validate an appropriate set of security controls and continuously monitor the observation of security principles and policies. Netwrix Auditor helps the federal government and private contractors implement the information security provisions of FISMA to mitigate known or suspected cyber threats and ensure the confidentiality, integrity and availability of protected information.

Protect high-value federal information with actionable audit records

Detect and report on all IT changes affecting the rules that govern access control; monitor and control access permissions; and stay current on all unauthorized attempts to access sensitive information.

Pass external audits using out-of-the-box FISMA compliance reports

Use out-of-the-box compliance reports to demonstrate that specific security processes and procedures are in place and effectively managed.

Use Interactive Search to answer questions from FISMA auditors

If predefined reports do not deliver enough event-specific details and context, use Interactive Search to investigate the event from different angles and satisfy your assessors.

Reconstruct events with reliable, system-wide audit trails

Preserve details of important IT events in a two-tiered storage system that enables complete, organization-wide audit trails and ensures audit records are reliably tied to their specific time stamps.

See how Netwrix Auditor can help you meet the FISMA requirements of confidentiality, integrity and Availability of Data

Under the FISMA regulation, the National Institute of Standards and Technology (NIST) is assigned specific responsibilities, including the development of information security standards and guidelines for federal information systems. NIST special publication 800-53 provides a detailed catalogue of security controls, as well as extremely thorough practical guidelines for the assessment of those security controls once they are implemented.

The following chart explains how Netwrix Auditor can help you implement and validate selected security and privacy control families contained in FISMA / NIST 800-53 revision 4:

Access control

Netwrix Auditor capabilities:

  • Enables auditing of user account creation, deletion, enablement, disablement and modification.
  • Provides auditing of user access rights and permissions granted on files and folders across the entire IT infrastructure.
  • Enables you to audit password changes and resets, group membership changes, and group policy changes.
  • Enables auditing of the activities of privileged users, including capturing their screen activity.
  • Ensures auditing of logon activities, including unsuccessful attempts; alerts and reports on account lockouts.
  • Provides a mechanism for quick rollback of unauthorized and accidental changes to Active Directory objects, including restores of deleted objects without the need to reboot a domain controller.
  • Enables you to audit changes of your Active Directory screen saver timeout policy, remote desktop session timeout and other policies.
  • Facilitates change management, reviewing and monitoring of all user activities across the entire IT infrastructure via a change review history reporting mechanism.
  • Enables auditing of access to and modifications of the data stored in Microsoft SQL, file servers, SharePoint and other IT systems.

Audit and accountability

Netwrix Auditor capabilities:

  • Reports current and historic configuration states; captures and reports on changes and access events with who, what, when and where details and the before and after values; provides a complete audit trail preserved in a reliable two-tiered (file-based and SQL database) storage system which holds data for 10 years or longer and enables reporting, analysis and investigations.
  • Delivers daily summary reports indicating whether there were any failures of audit data collection, processing and other critical processes.
  • Facilitates auditing and improves internal control by providing multiple predefined reports with filtering sorting, exporting and subscription options; reduces the burden of systematic reviews of audit trails by offering reports with a change review history mechanism; offers real-time alerts for Active Directory and Windows Server that can be configured to provide timely notifications; provides the ability to search specific audit data with custom queries.

Security assessment and authorization

Netwrix Auditor capabilities:

  • Offers multiple predefined audit reports that deliver relevant context to tracked activities and enough details to assist with determining the effectiveness of security controls; enables easy creation of custom audit reports.
  • Enables you to compare the current state of an IT system to its historic states or the baseline configuration.

Configuration management

Netwrix Auditor capabilities:

  • Enables you to compare your organization's defined baselines to current and historic states of IT systems.
  • Tracks and reports on all changes in Active Directory, file servers and other systems so you can control deviations and violations; enables quick and easy rollback of certain unauthorized changes, returning the configuration to the original state.
  • Facilitates control over system configuration violations by reporting on changes to group and local policies, access permissions, the registry, and other configuration assets that can be critical for maintaining FISMA compliance.

Contingency planning

Netwrix Auditor capabilities:

  • Provides quick and easy access to audit trails for investigating security incidents and other problems and validating the effectiveness of the corresponding controls.
  • Enables you to roll back unwanted changes to Active Directory using a built-in object-level and attribute-level recovery wizard.

Identification and authentication

Netwrix Auditor capabilities:

  • Enables auditing of user accounts and user account creation, deletion and modification in Active Directory, Microsoft SQL Server and Windows Server; allows organizations to validate their compliance with NIST SP 800-53 guidelines and achieve FISMA compliance.
  • Detects and reports on changes to password policies; provides automatic password expiration notifications; simplifies password management with a challenge-response system.

Maintenance

Netwrix Auditor capabilities:

  • Captures all user activities during maintenance and preserves the records in a secure audit trail; provides the ability to compare the current system configuration with the one in the past or with the baseline state to validate proper system functionality after maintenance.
  • Enables auditing of remote access sessions and activities.

Personnel security

Netwrix Auditor capabilities:

  • Reports on user account creation, deletion, modification, activation and deactivation.
  • Detects and reports on user logons and logoffs.

Risk assessment

Netwrix Auditor capabilities:

  • Enables auditing of unauthorized access to resources with sensitive data.
  • Ensures consolidation and archiving of all audit trails; keeps audit data securely preserved in a reliable two-tiered storage for as long as required, while enabling continued quick access to audit records.

System and communications protection

Netwrix Auditor capabilities:

  • Enables auditing of privileged user activity across various IT systems in the IT infrastructure; facilitates access control with reporting on successful and failed access attempts, logons and logoffs.
  • Detects and reports on the granting of permissions and changes to user access rights.

System and information integrity

Netwrix Auditor capabilities:

  • Enables auditing of IT changes, access events, and historic and current system configurations across the broadest variety of IT systems.
  • Delivers actionable audit information that allows organizations to verify the correctness of system functioning by looking for deviations from baselines.
  • Makes audit data easily available with predefined, on-demand and scheduled reports, report subscriptions, real-time alerts, dashboards, interactive data search, filtering, sorting and exporting options, and more.
Please note that NIST SP 800-53 is a widely recognized and comprehensive code of practice for the security and privacy of sensitive information. Organizations subject to other compliance regulations, such as ISO27001 or COBIT, can adopt the NIST SP 800-53 security framework and use it to achieve continuous compliance with the other regulations as well.
Find more details about how specific FISMA / NIST security controls can be supported with particular Netwrix Auditor reports.
Download Netwrix Auditor Report Mapping (.pdf)

Federal agencies and their contractors rely on Netwrix Auditor to protect information assets and pass FISMA audits

"We needed a way to audit data and files related to police evidence. Netwrix Auditor for File Servers gives us the ability to provide an audit trail of any file activity and ensures sensitive data is protected. Storing evidence is critical when investigating crimes, and ensuring data security was a goal of the highest priority for the IT department. We have chosen software we can rely on, and consider it a strong internal control system that delivers complete visibility and continuous compliance across our entire IT infrastructure."

Barry Goldstrom,

IT Supervisor, The City of Artesia, New Mexico