Board Report: 2014-IT-B-021 December 18, 2014
Andrew Gibson, Project Lead
Morgan Fletcher, IT Audit Intern
Peter Sheridan, Senior OIG Manager for Information Technology Audits
Andrew Patchan Jr., Associate Inspector General for Information Technology
| Abbreviation | Definition |
| --- | --- |
| A-130 | Office of Management and Budget Circular A-130, Appendix III, Transmittal Memorandum #4, Management of Federal Information Resources, November 2000 |
| ATO | authorization to operate |
| BISP | Board Information Security Program |
| Board | Board of Governors of the Federal Reserve System |
| CIO | Chief Information Officer |
| FISMA | Federal Information Security Management Act of 2002 |
| ISCM | information security continuous monitoring |
| ISCU | IT Security Compliance Unit |
| ISO | Information Security Officer |
| NIST | National Institute of Standards and Technology |
| OIG | Office of Inspector General |
| OMB | Office of Management and Budget |
| RMF | risk management framework |
| SP 800-37 | NIST Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach |
| SP 800-53 | NIST Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations |
| SP 800-137 | NIST Special Publication 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations |
| SSP | system security plan |