23. What are the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and why are information security policies so important for regulatory compliance?

First and foremost, DISA, as it’s commonly called, is officially the Defense Information Systems Agency within the U.S. Department of Defense, a Combat Support Agency comprising thousands of individuals (i.e., military, federal, civilian, and others) providing “command and control information sharing capabilities…” (www.disa.mil).

DISA STIGs | Comprehensive Configuration Standards Documentation

What has given DISA notable attention in recent years is its Security Technical Implementation Guides, known as STIGs. STIGs are in-depth, comprehensive configuration standards and guidelines developed for DOD IA and IA-enabled devices/systems, providing step-by-step instructions for provisioning, hardening, securing and “locking-down” critical system resources. The STIGs Master List (from A to Z) offers a large and ever-growing list of helpful documents for ultimately ensuring the confidentiality, integrity, and availability (CIA) of one’s system resources. They’re a great resource for any organization that’s serious about information security, so use them as you see fit. Learn more about the DISA STIGs at http://iase.disa.mil/stigs/index.html

Documented Information Security Policies and Procedures are Critical 

If you’re using the DISA STIGs to help further secure your overall information security landscape, then you’ll without question also need documented information security policies and procedures: industry-leading documents developed by world-class I.T. engineers, such as those offered by FLANK. As a recognized industry leader in the field of security documentation, the FLANK21 set of documents from FLANK includes hundreds of various operational, business-specific, and information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and more.

I.T. Policies for Regulatory Compliance | FISMA, HIPAA, GLBA, and More

There are so many regulatory compliance laws and industry directives, all of them essentially requiring documented policies and procedures, that it’s imperative to find a credible, trusted source offering high-quality documentation. That very source is FLANK. From FISMA compliance to HIPAA, GLBA, and many other legislative mandates, trust FLANK to provide your organization with comprehensive information security documentation, along with other supporting operational and business-specific policies and procedures.