The Federal Information Security Management Act (FISMA) is a framework designed to protect the United States government against cybersecurity attacks and natural disasters that put sensitive data at risk.
U.S. federal agencies chose SailPoint to help protect their digital identities
increase in cyber incidents at federal agencies since 2016 1
Who must comply with FISMA?
- All U.S. federal government agencies
- State agencies administering federal programs such as unemployment insurance, student loans, Medicare and Medicaid
- Any private sector company doing contracted work for the U.S. government
How can SailPoint help you comply with FISMA?
Our open cloud identity governance platform makes it easy for you to stay compliant by seeing and controlling access to all your apps and data for every user, including bots.
1. United States Government Accountability Office, “Federal Information Security: Weaknesses Continue to Indicate Need for Effective Implementation of Policies and Practices,” September 2017.
What are the key FISMA areas identity governance addresses?
Govern who has access to what, who should have access and how that access is used.
Audit and accountability
Produce audit trails and enable periodic reviews of access rights to enhance audit performance and adhere to regulatory mandates.
Identification and authentication
Integrate SailPoint’s identity governance with various single sign-on and multi-factor authentication solutions.
Continually assess risk levels by classifying sensitive data stored in applications and files, automating access reviews to identify inappropriate access, and using AI to monitor and identify unusual access.
What if your organization doesn’t comply?
There is a range of potential penalties including censure by Congress, reduction in federal funding and reputational damage.