NISP eMASS DCSA Requirements for Users that Leave a Company
Attention industry, don't forget that it is a strict requirement to contact the DCSA NAO eMASS System Administrators immediately if an individual with an active eMASS account leaves the company. Specifically, it is the responsibility of Industry to properly maintain their eMASS Containers and inform DCSA of any changes in personnel status (i.e., termination, retirement, military deployment, etc.).
NISP eMASS DCSA Requirements for STIGs for Classified Systems
Per DCSA, For purposes of streamlining the onsite validation of a system, DCSA will use the DISA STIG, associated benchmark and STIG Viewer to assess the controls documented within the system security authorization package.
NISP eMASS DAAPM DCSA Requirements for System and Services Acquisition - Download NIST 800-53 SA Policy Templates
NIST (National Institute of Standards and Technology) Special Publication 800-53 provides a catalog of security and privacy controls for federal information systems and organizations. Within NIST 800-53, the "System and Services Acquisition" (SA) control family focuses on controls related to the acquisition, development, and maintenance of information systems. The SA controls are designed to ensure that adequate security measures are incorporated into systems and services throughout their lifecycle.
NISP eMASS DAAPM DCSA Requirements for System and Communications Protection - Download NIST 800-53 SC Policy Templates
The NIST (National Institute of Standards and Technology) Special Publication 800-53 provides a catalog of security and privacy controls for federal information systems and organizations. The controls are organized into families based on their related objectives. The SC control family within NIST 800-53 stands for "System and Communications Protection." It focuses on controls that are designed to protect the confidentiality, integrity, and availability of system communications and prevent unauthorized access to systems.
NISP eMASS DAAPM DCSA Requirements for System and Information Integrity - Download NIST 800-53 SI Policy Templates
The NIST (National Institute of Standards and Technology) Special Publication 800-53 provides a catalog of security and privacy controls for federal information systems and organizations. The controls are organized into families based on their related objectives. The SI control family within NIST 800-53 stands for "System and Information Integrity." It focuses on controls that are designed to protect the integrity of the information system and the information processed, stored, and transmitted by the system.
NISP eMASS DAAPM DCSA Requirements for Program Management - Download NIST 800-53 PM Policy Templates
The Program Management (PM) family within NIST 800-53 provides guidelines and recommendations for establishing and managing an effective information security program within an organization. The controls in this family focus on the governance, oversight, and management of information security activities and resources.
NISP eMASS DAAPM DCSA Requirements for Physical and Environmental Protection - Download NIST 800-53 PE Policy Templates
The Physical and Environmental Protection family within NIST 800-53 focuses on measures to protect physical assets and the environment in which the information systems operate. It addresses safeguards related to physical access controls, environmental controls, and physical security monitoring.
NISP eMASS DAAPM DCSA Requirements for Planning - Download NIST 800-53 PL Policy Templates
The Planning (PL) family within NIST 800-53 provides guidelines and recommendations for establishing and implementing an effective information security program within an organization. The controls in this family focus on developing policies, procedures, and documentation to guide security activities, manage risks, and ensure compliance with security requirements.
NISP eMASS DAAPM DCSA Requirements for Maintenance - Download NIST 800-53 MA Policy Templates
In NIST 800-53 Revision 5, the maintenance control family focuses on establishing processes and procedures for the effective and secure maintenance of information systems and associated components. The controls in this family aim to ensure that systems are properly maintained, vulnerabilities are promptly addressed, and changes to systems are managed in a controlled manner.