1 |
Section 508 Adherence by Industry Professionals: Improving Universal Design through Training
Rincon, Antonio 01 January 2009
Section 508 of the Rehabilitation Act Amendments of 1998 took effect in 2001 and provides encouragement for universal design and compliance requirements to the federal sector for purchases that are accessible by people with disabilities. A division of General Dynamics Advanced Information Systems (GDAIS) is located in Pittsfield, Massachusetts and provides electronic and information technology solutions to federal customers in the defense, intelligence, and homeland security communities.
The general lack of training is a major factor in low compliance with Section 508. Improving awareness is important at GDAIS in order to increase its federal sales market share, develop new products and services, transfer technology to other fields, and support a global market for users with different human conditions. The study aimed to implement a computer-based training program for design engineers and managers within GDAIS to foster universal design skills and increase accessibility awareness.
The four-level model created by Donald L. Kirkpatrick was utilized to evaluate the training. Survey, test, and interview instruments were designed to evaluate the reaction, learning, and behavior of the participants. An expert panel provided validation and reliability of the instruments. A case study methodology was used to analyze Section 508 compliance in depth for four months. Also analyzed were the possible effects of the training on the engineering design, the organization (both financial and cultural), and the individual.
Learning of the standards and universal design concepts, through better application of usability and accessibility features, was improved. While the training did improve compliance slightly, there was a lack of Section 508 inclusion within solicitations. The organizational culture to support the disabled community showed a possibility of improving through awareness and education.
2 |
Information Processing System To Security Standard Compliance Measurement: A Quantitative Approach Using Pathfinder Networks (Pfnets)
Hulitt, Elaine 11 December 2009
Continuously changing system configurations and attack methods make information system risk management using traditional methods a formidable task. Traditional qualitative approaches usually lack sufficient measurable detail on which to base confident, cost-effective decisions. Traditional quantitative approaches are burdened with the requirement to collect an abundance of detailed asset value and historical incident data and to apply complex calculations to measure the data precisely in work environments where there are limited resources to collect and process it. To ensure that safeguards (controls) are implemented to protect against a majority of known threats, industry leaders are requiring information processing systems to comply with security standards. The National Institute of Standards and Technology (NIST) Federal Information Risk Management Framework (RMF) and the associated suite of guidance documents describe the minimum security requirements for non-national-security federal information and information systems as mandated by the Federal Information Security Management Act (FISMA), enacted into law on December 17, 2002, as Title III of the E-Government Act of 2002. This study proposes using the Pathfinder procedure to mathematically model an information system FISMA-required security control state and an actual information system security control state. A comparison of these two security control states using the proposed method will generate a quantitative measure of the status of compliance of the actual system with the FISMA-required standard. 
The quantitative measures generated should provide information sufficient to plan risk mitigation strategy, track system compliance to standard, and allow for the discussion of system compliance with the FISMA-required standard in terms easily understood by participants at various levels of an organization without requiring all to have detailed knowledge of the internals of the security standard or the targeted system. The ability to clearly articulate system compliance status and risk mitigation requirements is critical to gaining the support of upper-level management whose responsibility it is to allocate funds sufficient to support government security programs.