Meeting the New OMB Security Mandates: M-14-03 and M-14-04: How to Comply Training Workshop

Overview of the Workshop:

In November 2013, OMB released two memorandums regarding information security continuous monitoring (ISCM) and FISMA reporting metrics for FY13: OMB Memo M-14-03: Enhancing the Security of Federal Information and Information Systems and OMB Memo M-14-04: Fiscal Year 2013 Reporting Instructions for the Federal Information Security Management Act (FISMA) and Agency Privacy Management . With limited resources, federal agencies are looking for guidance on how to comply with these new requirements while minimizing the burden on staff.

This workshop is designed for information systems security officers, managers, or executives who are responsible for computer security or FISMA compliance for systems or programs. Participants will learn methods to create and sustain an information security continuous monitoring (ISCM) program and efficiently and effectively sustain an internal control program after the initial assessment is complete.

Participants will also gain an understanding of how to comply with the FY13 FISMA reporting metrics. The workshop will present very practical information about the federal government’s information security requirements for ISCM and FISMA and offer insight on integration, risk assessment, testing, internal control software and reporting. The focus of this workshop will be on efficiently meeting ISCM and FISMA requirements as described in OMB Memos M-14-03 and M-14-04 and will be a combination of instructor-led sessions and panel sessions led by government executives.

What You Will Learn:

ISCM and FISMA FY13 reporting guidance, methodology and requirements
How to Develop, Maintain and Implement ISCM Strategy
Guidance on Assessing and Developing Staff and Resources for your ISCM Strategy
Current trends in ISCM products and services
ISCM Lessons Learned from Federal information security executives
Independent Evaluations of ISCM from an audit perspective

Why You Should Attend:

Receive guidance on the latest OMB memos
Agency security executives, managers, staff, CIOs, and oversight organizations need to understand the OMB Memos and insure their programs comply
Attendees with ISC2 certifications will receive CEUs

Who Should Attend:

ISSOs, ISSMs and security staff
CIOs, CISOs, CTOs, CFOs, Deputies, Associates and Staff
Compliance and Enforcement Officers
System and network administrators who play a role in FISMA and continuous monitoring
Executives, Managers, and Staff Responsible for FISMA Compliance
Staff who are focusing on security assessment and authorization (traditional C&A) and continuous monitoring issues
IGs and Auditors
Program Managers Developing or Maintaining IT Systems
IT Professionals Interesting in Improving IT Security
State Government Security managers who voluntarily adapt the NIST and FISMA Guidelines and Standards for their States

Format:

Presentations by professional in Implement Information Security Continuous Monitoring (ISCM), NIST and FISMA compliance consultants
Panel discussions led by experienced government and industry experts

Speaker and Presenter Information

Keynote Speaker: Dr. Ron Ross NIST FELLOW Leader, FISMA Implementation Team National Institute of Standards and Technology (NIST) Leader, Joint Transformation Initiatives Interagency Working Group Author of SP800-53 Rev 4 Instructors: Greg Wallig CISA, CGEIT Principal Global Public Sector Grant Thornton LLP Dan Waddell Senior Manager, Cybersecurity Solution Lead Grant Thornton Global Public Sector Carrie Boyle Manager, Cybersecurity Solutions Grant Thornton Global Public Sector Nsiona N. Di Bassinga Manager, Information Assurance Solutions Grant Thornton Global Public Sector

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID