What is a C&A report card?


Multiple Choice

What is a C&A report card?

Explanation:
In federal information security, Certification and Accreditation (C&A) is the process used to verify that a system’s security controls are properly designed, implemented, and tested before the system can operate. The C&A report card is the annual self-assessment agencies prepare to show how well those controls meet FISMA requirements and privacy protections, and it is submitted to the White House Office of Management and Budget for oversight. It communicates the current security posture, any residual risk, and whether the system remains authorized to operate. This makes it the best fit because it directly describes an annual FISMA/privacy compliance report to OMB, whereas the other options describe different, unrelated duties like vendor risk assessments, incident logging, or training tracking.
