FMS’ Information Security Program covers the entire range of security requirements, from payment processing and accounting practices to student privacy protection at the record level. Each and every process and entity is managed actively within our technology architecture.
We adhere to over 600 separate security controls across FISMA, PCI-DSS, SSAE 16, and ISO 17799 / 27001 / 27002. Our security controls are assessed annually by certified independent assessors to ensure that we remain in compliance with all relevant standards.
Compliant with:
|
Significance
|
FISMA The Federal Information Security Management Act
|
Ensures the confidentiality, availability, and integrity of federal information and information systems through adherence to security configuration standards developed and maintained by the National Institute of Standards and Technology (NIST) including Continuous Security Assessment requirements that demand a continuous monitoring program (as opposed to purely annual assessments) |
PCI-DSS The Payment Card Industry Data Security Standard
|
Enhances payment account data security through consistent security management, policies, procedures, network architecture, software design, and other critical protective measures |
ISO 17799 / 27001 / 27002 International Organization for Standardization
|
Ensures an effective, global information security management plan through compliance with hundreds of controls and control mechanisms determined via formal risk assessments specific to our business |
SSAE 16 Statement on Standards for Attestation Engagements No. 16
|
Ensures our compliance as a service organization across control environments, control activities, information and communication processes, risk assessments, and monitoring per the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) |
FERPA
The Family Educational Rights and Privacy Act |
Ensures the protection of student privacy rights and student personally identifiable information in compliance with Federal law |