What is the Federal Information Security Management Act?
The Federal Information Security Management Act (FISMA) requires federal agencies to implement a mandatory set of processes and system controls designed to ensure the confidentiality, integrity, and availability of system-related information.
What does the FISMA Modernization Act of 2014 do?
The Federal Information Security Modernization Act of 2014 amends the Federal Information Security Management Act of 2002 (FISMA). It also simplifies existing FISMA reporting to eliminate inefficient or wasteful reporting while adding new reporting requirements for major information security incidents.
What is the information security Authorization Act of 2003?
Authorizes appropriations for FY 2003 through 2007 for information security. Requires the Director (currently, the Secretary of Commerce) to promulgate standards and guidelines pertaining to Federal information (currently, computer) systems.
What is GSA’s information security management program?
To facilitate FISMA compliance, GSA maintains a formal program for information security management focused on FISMA requirements, protecting GSA IT resources, and supporting the GSA mission. This program consists of policies, procedures, and processes to mitigate new threats and anticipate risks posed by new technologies.
What is the legislative history of FISMA?
The Federal Information Security Management Act of 2002 (FISMA, 44 U.S.C. § 3541, et seq.) is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002 (Pub.L. 107–347, 116 Stat. 2899).
What are the requirements of the Information Security Act?
It requires federal agencies to implement information security programs to ensure the confidentiality, integrity, and availability of their information and IT systems, including those provided or managed by other agencies or contractors.