Showing results for 
Search instead for 
Did you mean: 
No ratings
Archer Employee
Archer Employee

As computer technology has advanced, federal agencies and other government entities have become dependent on computerized information systems to carry out their operations. To help ensure the proper operation of these systems, FISCAM provides auditors with specific guidance for evaluating the confidentiality, integrity, and availability of information systems.


FISCAM is also consistent with National Institute of Standards and Technology's (NIST) guidelines for complying with the Federal Information Security Modernization Act of 2014 (FISMA). This law requires federal agencies to develop, document, and implement agency-wide programs to ensure information security. NIST Special Publication 800-53 provides recommended security controls for federal information systems and organizations, and appendix 3 of FISCAM provides a crosswalk to those controls.


RSA Archer provides authoritative source content for several FISCAM booklets including:

  • FISCAM - Evaluating and Testing Business Process Application Controls
  • FISCAM - Evaluating and Testing General Controls



This content is available in English only.



Control standard mappings are not available for these authoritative sources.


Licensing Restrictions

The FISCAM authoritative source content is available with the use of the RSA Archer Policy Program Management, RSA Archer IT Policy Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.


For More Information

To learn more about the U.S. G.A.O. Federal Information System Controls Audit Manuals (FISCAM) Authoritative Source Content:


For Additional Support

To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case.

Was this article helpful? Yes No
Version history
Last update:
‎2021-08-23 05:08 PM
Updated by: