The highly regulated financial industry is ruled by FISMA, the Federal Information Security Management Act. Written into law in 2002, it mandates the ways in which financial data is protected, stored, or accessed by government agencies. It also extends to companies that do business with government agencies and state agencies that administer federal programs – which means if you are a government contractor or do business with the state or federal government in any sector, you must abide by the same rules.
FISMA was created to meet the need to improve how electronic information is managed and processed. Though it lays out a detailed list of regulations, the onus is on the companies themselves to develop and maintain an information security plan that complies with its mandates. Non-compliance, in some cases, can lead to a reduction of federal funding and an inability to apply for government contracts, not to mention the reputational harm that could ensue.
A common barrier, especially as it pertains to smaller government offices and vendors who supply services to government agencies, is that the necessary skills are not always readily available in-house. As a specialist in compliance-based IT services, Trinsic Technologies can support you with a complete range of services, each designed to meet and exceed FISMA standards.
The Payment Card Industry Data Security Standard (PCI) is similar in its goals, although it operates outside of the government landscape. PCI standards apply to any store, merchant, or retailer that processes, holds, or transmits cardholder data of any kind.
Reach out today to schedule a consultation or to learn more about what you need to do to ensure compliance with FISMA and PCI standards.