Federal Laws, Mandates, and Standards
Risk Management Framework
Authorizing Information Systems
Information Security Continuous Monitoring (ISCM)
Security Control Families – Management
Security Control Families – Technical
Security Control Families – Operational
Answers to Knowledge Check Questions
Answers to Pre-Assessment and Post-Assessment Questions
November 2018 Update!
The purpose of the FITSI certification program is to validate the skills of IT security professionals against NIST standards and documentation. The FITSP-Auditor certification is designed to demonstrate that Federal workforce personnel, both Federal employees and contractors, who possess the knowledge of Federal IT security requirements necessary to successfully audit and review the management, operational, and technical IT security controls for systems owned by, or operated on behalf of, the Federal government.