FIPS 199 | Standards for Security Categorization of Federal Information and Information Systems | Overview

FIPS 199, “Standards for Security Categorization of Federal Information and Information Systems”, effectively establishes security categories for both information and information systems, in accordance with Title III of the E-Government Act, entitled the Federal Information Security Management Act of 2002 (FISMA). Specifically, FISMA defines three (3) security objectives, commonly known as the CIA triad, which are the following:

Confidentiality: “Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information…”
Integrity: “Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity...”
Availability: “Ensuring timely and reliable access to and use of information…”

Learn more about our signature product, the Global Information Security Compliance Packet (GISCP), the world's most complete security policy packet, containing over 2,850+ pages of in-depth information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.

Learn more today about the GISCP by viewing sample policies, forms, hardening documents, and more.

FIPS 199 | Low, Moderate, and High Impact Levels | Learn More
FIPS 199 therefore defines three (3) levels of potential impact (Low, Moderate, and High) on organizations or individuals should there be a breach of security (i.e., a loss of confidentiality, integrity, or availability).

  • Category | Impact: LOW - The unauthorized disclosure, modification, destruction, deletion, and removal of information along with the disruption of access to information results in a LIMITED adverse effect on the organization.
  • Category | Impact: MODERATE - The unauthorized disclosure, modification, destruction, deletion, and removal of information along with the disruption of access to information results in a SERIOUS adverse effect on the organization.
  • Category | Impact: HIGH - The unauthorized disclosure, modification, destruction, deletion, and removal of information along with the disruption of access to information results in a SEVERE or CATASTROPHIC adverse effect on the organization.

FIPS 199 | FISMA | NIST Compliance | Security Policies are Critical 
Compliance with the Federal Information Security Management Act of 2002 (FISMA) requires that federal agencies - and other related parties, such as outsourced contractors - develop, document, and implement a viable program relating to information security for ultimately ensuring the confidentiality, integrity, and availability (CIA) of assets within these federal agencies. It’s a tall order and challenging task, one that requires comprehensive operational, business specific, and information security policies, procedures, and other supporting documentation.

The answer is the Global Information Security Compliance Packet (GISCP) from Flat Iron Technologies, LLC, industry leaders offering a complete list of high-quality, professionally developed security documents for today’s demanding compliance needs. When purchasing and immediately downloading from Flat Iron Technologies, LLC, you’ll receive hundreds of policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.

GISCP - PREMIER Edition ($1,479.00)
