Skip to main content

Policies & Priorities

Federal Information Security Modernization Act (FISMA)

Policy Overview

Federal Information Security Modernization Act of 2014 (FISMA), dating back to 2002, requires agencies to report the status of their information security programs to OMB and requires Inspectors General (IG) to conduct annual independent assessments of those programs. OMB and the Department of Homeland Security (DHS) collaborate with interagency partners to develop the Chief Information Officer (CIO) FISMA metrics, and with IG partners to develop the IG FISMA metrics to facilitate these processes. OMB also works with the Federal privacy community to develop Senior Agency Official for Privacy (SAOP) metrics. These three sets of metrics together provide a more comprehensive picture of an agency’s cybersecurity performance.  

Related Policies, Priorities and Resources

Policy

Federal Cybersecurity Workforce Strategy

Policy

Management of High Value Assets

Policy

Circular No. A-130 - Managing Information as a Strategic Resource

Priority

The Federal Risk and Authorization Management Program (FedRAMP)

Policy

Identity, Credentialing, and Access Management (ICAM)

Priority

Cybersecurity

Policy

Trusted Internet Connection 3.0

Guidance

Federal Government Adoption of Internet Protocol Version 6 (IPv6) FAQs (2011)

Guidance

Planning Guide and Roadmap Toward IPv6 Adoption within the Federal Government (2012)

Report

CISO Handbook

Guidance

Cloud Operations Best Practices & Resources Guide

Website

FedRAMP Website

Website

FICAM's Identity Management Website

Website

Performance.gov - Government Performance Website

❮   Back to Policies, Priorities and Resources

CIO.gov

An Official website of the Federal Government

Looking for U.S. government information and services?
Visit USA.gov