Federal Information Security Management Act

What Does Federal Information Security Management Act Mean?

The Federal Information Security Management Act (FISMA) is a United States Federal law for information security (IS) enacted in 2002. FISMA features include policy development, risk management and IS awareness training for federal agencies.


FISMA is also known as the E-Government Act.

Techopedia Explains Federal Information Security Management Act

FISMA dictates the establishment of IS protections during all federal agencies operations.

FISMA requires federal agencies to develop IS programs. It also promotes commercial information security tools. After risk outcome assessments are completed (addressing such events as unauthorized network access), policies and security standards must be developed. In addition, threat protections must be established throughout the development of any government information system. All established IS protective measures must be tested regularly to ensure optimal operations.

FISMA also allows a chief information officer (CIO) to delegate another officer for development of an agency IS program, which must be well-documented and include FISMA-dictated IS awareness training for employees and contractors.

FISMA also requires all agencies to establish and implement business continuity plans to address any actual threats during business operations. Independent information security program evaluations occur on an annual basis.


Related Terms

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…