Federal Information Security Management Act

Why Trust Techopedia

What Does Federal Information Security Management Act Mean?

The Federal Information Security Management Act (FISMA) is a United States Federal law for information security (IS) enacted in 2002. FISMA features include policy development, risk management and IS awareness training for federal agencies.

Advertisements

FISMA is also known as the E-Government Act.

Techopedia Explains Federal Information Security Management Act

FISMA dictates the establishment of IS protections during all federal agencies operations.

FISMA requires federal agencies to develop IS programs. It also promotes commercial information security tools. After risk outcome assessments are completed (addressing such events as unauthorized network access), policies and security standards must be developed. In addition, threat protections must be established throughout the development of any government information system. All established IS protective measures must be tested regularly to ensure optimal operations.

FISMA also allows a chief information officer (CIO) to delegate another officer for development of an agency IS program, which must be well-documented and include FISMA-dictated IS awareness training for employees and contractors.

FISMA also requires all agencies to establish and implement business continuity plans to address any actual threats during business operations. Independent information security program evaluations occur on an annual basis.

Advertisements

Related Terms

Margaret Rouse
Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…