Active Directory How-To pages

Active Directory Auditing Tool
Get Your Free Trial Free, fully functional 30-day trial
Active Directory Auditing Tool

The Who, Where and When information is very important for an administrator to have complete knowledge of all activities that occur on their Active Directory. This helps them identify any desired / undesired activity happening. ADAudit Plus assists an administrator with this information in the form of reports. In real-time, ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects - Users, Groups, GPO, Computer, OU, DNS, AD Schema and Configuration changes with 200+ detailed event specific GUI reports and email alerts.

Account Management » Active Directory How-To pages

Basic requirements for FISMA compliance

The Federal Information Security Management Act (FISMA) is a United States federal law that mandates federal agencies to develop, document, and implement an information security and protection program.

The top FISMA requirements include:

  • Maintaining an inventory of information systems.
  • Categorizing information and information systems according to risk level.
  • Maintaining a system security plan.
  • Utilizing security controls.
  • Conducting risk assessments.
  • Certification and accreditation.
  • Conducting continuous monitoring.

Following are the steps to become FISMA compliant:

  • Categorize the information to be protected.
  • Select minimum baseline controls.
  • Refine controls using a risk assessment procedure.
  • Document the controls in the system security plan.
  • Implement security controls in appropriate information systems.
  • Assess the effectiveness of the security controls once they have been implemented.
  • Determine agency-level risk to the mission or business case.
  • Authorize the information system for processing.
  • Monitor the security controls on a continuous basis.