Who determines the adequacy of FISMA compliance?
Many organizations and individuals have a role in determining FISMA compliance. Congress establishes top-level security requirements for federal agencies and support contractors in the FISMA legislation. NIST develops the security standards and guidelines necessary for FISMA implementation, including a risk-based approach for selecting, implementing, and assessing security controls for federal information systems and for determining risk to organizational operations and assets, individuals, other organizations, and the Nation. Agency heads, in coordination with their Chief Information Officers and Senior Agency Information Security Officers, report the security status of their information systems to OMB in accordance with annual FISMA reporting guidance. Inspectors General provide an independent assessment of the security status of federal information systems, also reporting their results to OMB annually.