Resources for Federal Information Security Management Act (FISMA)

Despite Reported Progress, Federal Agencies Need to Address Persistent Weaknesses

GAO

Federal agencies rely extensively on computerized information systems and electronic data to carry out their missions. The security of these systems and data is essential to prevent data tampering, disruptions in critical operations, fraud, and the inappropriate disclosure of sensitive information. In reports to Congress since 1997, we have designated information security as a governmentwide high-risk issue—a designation that remains in force today.1
Concerned with accounts of attacks on systems through the Internet and reports of significant weaknesses in federal computer systems that make them vulnerable to attack, Congress passed the Federal Information Security Management Act (FISMA) in 2002.2 To address information security weaknesses, FISMA sets forth a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets. In addition, it provides a mechanism for improved oversight of federal agency information security programs

View the Resource

Share or bookmarklet this web page at: