1. Is the organization you selected for the learning portfolio FIPS 200 compliant? Why or why not?
(My organization wasU.S Department of Health and Human Services)
2. From a FIPS 200 perspective, what are the weakest areas of the cyber security policy associated with the organization you selected? Discuss at least two weak areas and describe why.
3. If you were the Federal CIO what would you do about organizations that are not FIPS 200 compliant? Why?