7.6 FISMA Report to Congress
OMB publishes a FISMA Annual Report to Congress (The White House. Federal Information Security Modernization Act of 2014. Annual Report to Congress. FY 2018) each fiscal year which includes data reported by agencies to OMB and CISA highlighting government-wide cybersecurity programs and initiatives, and agencies’ progress to enhance federal cybersecurity from the past year and into the future. Part of what is included in agencies’ evaluations submitted to OMB include independent evaluations by the IG or independent external auditor for each agency which determines the effectiveness of the information security policies, procedures, and practices supporting their agency’s information security programs. (GAO-19-545. Agencies and OMB Need to Strengthen Policies and Practices. July 2019.) The FISMA Annual Report to Congress can be found at www.whitehouse.gov.
For more information consult the Reporting Calendar.