Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

U.S. Government

Cyber Security Legislation and Mandates

Check Point offers proven and certified solutions that meet and exceed the stringent requirements established by government standards, approval processes and security industry tests. Please see our complete list of certified solutions for more details.

NSTISSP #11
NSTISSP #11 is a national security community policy governing the acquisition of information assurance (IA) and IA-enabled information technology products. The policy was issued by the Chairman of the National Security Telecommunications and Information Systems Security Committee (NSTISSC), 2/1/00. The policy mandates, effective 1 July 2002, that departments and agencies within the Executive Branch shall acquire, for use on national security systems, only those COTS products or cryptomodules that have been validated in accordance with the International Common Criteria for Information Technology Security Evaluation, National Information Assurance Partnership's (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS), or by the National Institute of Standards and Technology (NIST) Federal Information Processing Standards (FIPS) Cryptomodule Validation Program (CMVP).

GISRA
Part of the Defense Authorization Act of 2001, the Government Information Security Reform Act (GISRA) requires agencies to implement efforts to secure electronic information and systems; to thoroughly assess their security management practices; and to report on their security programs, processes, technology and personnel to the Office of Management and Budget (OMB).

FISMA
In 1983, the California Legislature passed the Financial Integrity and State Manager's Accountability Act of 1983 (FISMA). This act required that state agencies establish and maintain a system of internal accounting and administrative control. To ensure that the requirements are fully complied with, the head of each agency is required to prepare and submit a report on the adequacy of the system of internal accounting and administrative control following the end of each odd-numbered fiscal year.

Section 508 Compliance
Section 508 is a part of the Rehabilitation Act of 1973 which requires that electronic and information technology developed, procured, maintained, or used by the Federal government be accessible to people with disabilities. On August 7, 1998, the President signed into law the Workforce Investment Act of 1998, which includes the Rehabilitation Act Amendments of 1998. Section 508 was originally added to the Rehabilitation Act in 1986; the 1998 amendments significantly expand and strengthen the technology access requirements in Section 508.