Integrating FISMA and NIST into .edu (or Play NISTy for Me)

Federal funders like the NIH and the VA increasingly require security assurances from grantees. Typically, these assurances are surrounded by words like "FISMA," "Certification and Accreditation," and "NIST." This presentation will look at the basics of these requirements and discuss how to integrate these concepts into .edu. The presentation will focus specifically on how central IT security organizations can make the process more efficient from a faculty perspective. We will also share lessons learned from .edu and .gov research organizations on how to make the NIST documents relevant and useful (or at least less painful).