Optiv Cybersecurity Dictionary

What is FISMA - The Federal Information Security Management Act of 2002?

FISMA provides a framework to ensure comprehensive measures are taken to secure federal information and assets.


Signed into law as part of the Electronic Government Act of 2002, FISMA was designed to help protect and increase security around sensitive federal information. The National Institute of Standards and Technology (NIST) helped with the implementation of the act in 2003 and outlined nine steps to compliance for governmental agencies, including defining risk assessment procedures, documentation and implementation of controls, determining risk levels, security monitoring, and more. It is advised that private sector organizations that do, or want to do business, with federal agencies maintain FISMA compliance.


Contact Us