As a security analyst for a U$.$S$.$ federal agency, you have been asked by management to make sure that the company meets all requirements for FISMA $($the Federal Information Security Modernization Act$)$ in a practical and applicable way for your organization.

At the moment, these requirements are not focused on personal data and privacy.

Which of the following resources would MOST likely provide the guidance that you need to meet the FISMA regulations?