Pronounced like "automatic", but starting with "fizz".
The goal of FISMAtic is to reduce the amount of time spent authoring, reviewing, and editing the security compliance documentation leading up to an Authority to Operate (ATO). We plan to build prototype(s) that:
-
Feedback on security compliance documentation
-
Help compliance teams select security controls that are appropriate to a system (tailored baselines)
- This can cut out time spent around irrelevant controls in all other steps of the compliance lifecycle
- Video demo - 6/21/19
- Interview with Nextgov
- Background information
- Research summary
- Code information
If you’ve worked in this space or are interested in collaborating, please reach out in an issue or by email at cat@census.gov.
Thanks!