Change and Configuration Management for Government


Simplify Compliance with Federal Regulations and Standards 


The Federal Information Security Management Act (FISMA) is a federal law enacted in 2002 to recognize the importance of information security to the economic and national security interests of the United States. FISMA requires each federal agency to develop, document, and implement an agencywide program to provide security for the information and systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. 

To strengthen information system security, FISMA assigns specific responsibilities to a federal agency called the National Institute of Standards and Technology (NIST). In particular, FISMA requires NIST to help implement policies and procedures that cost-effectively reduce information technology security risks to an acceptable level. NIST works with federal agencies to improve their understanding of FISMA compliance by publishing standards and guidelines which provide the foundation for strong information security programs.

Read the data sheet above to learn more!