As computer technology has advanced, federal agencies and other government entities have become dependent on computerized information systems to carry out their operations. To help ensure the proper operation of these systems, FISCAM provides auditors with specific guidance for evaluating the confidentiality, integrity, and availability of information systems.
FISCAM is also consistent with National Institute of Standards and Technology's (NIST) guidelines for complying with the Federal Information Security Modernization Act of 2014 (FISMA). This law requires federal agencies to develop, document, and implement agency-wide programs to ensure information security. NIST Special Publication 800-53 provides recommended security controls for federal information systems and organizations, and appendix 3 of FISCAM provides a crosswalk to those controls.
RSA Archer provides authoritative source content for several FISCAM booklets including:
- FISCAM - Evaluating and Testing Business Process Application Controls
- FISCAM - Evaluating and Testing General Controls
This content is available in English only.
The FISCAM authoritative source content is available with the use of the RSA Archer Policy Program Management, RSA Archer IT Policy Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.
For More Information
For Additional Support
To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case or contact RSA Archer at email@example.com for more information.