FISMA - Federal Information Security Management Act of 2002

FISMA provides a framework to ensure comprehensive measures are taken to secure federal information and assets. Signed into law as part of the Electronic Government Act of 2002, FISMA was designed to help protect and increase security around sensitive federal information. The National Institute of Standards and Technology (NIST) helped with the implementation of the act in 2003 and outlined nine steps to compliance for governmental agencies, including defining risk assessment procedures, documenting and implementing controls, determining risk levels, security monitoring, and more. It is advised that private sector organizations that do, or want to do, business with federal agencies maintain FISMA compliance.

Related Terms: NIST CSF - National Institute of Standards and Technology Cybersecurity Framework