Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Policies & Priorities

Federal Information Security Modernization Act (FISMA)

Policy Overview

Federal Information Security Modernization Act of 2014 (FISMA), dating back to 2002, requires agencies to report the status of their information security programs to OMB and requires Inspectors General (IG) to conduct annual independent assessments of those programs. OMB and the Department of Homeland Security (DHS) collaborate with interagency partners to develop the Chief Information Officer (CIO) FISMA metrics, and with IG partners to develop the IG FISMA metrics to facilitate these processes. OMB also works with the Federal privacy community to develop Senior Agency Official for Privacy (SAOP) metrics. These three sets of metrics together provide a more comprehensive picture of an agency’s cybersecurity performance.  

❮   Back to Policies, Priorities and Resources

An Official website of the Federal Government

Looking for U.S. government information and services?