Federal Information Security Management Act


FISMA was established in 2002 to protect the economic and national security interests of the United States. The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.

Agencies must adhere to a framework that provides for the following:

  • Inventory of information systems
  • Categorization of information and information systems according to risk level
  • Security controls
  • Risk assessment
  • System security plan
  • Certification and accreditation
  • Continuous monitoring

The standards to achieve FISMA compliance are dictated by the following:

  • NIST (National Institute of Standards and Technology)
  • FIPS (Federal Information Processing Standards)

