Developing a scalable and sustainable FISMA compliance program

September 2010

At a glance

This PwC publication addresses a cost-effective, solutions-oriented approach for preparing to meet the new FISMA reporting requirements.

The Federal Information Security Management Act (FISMA) was established in 2002 to guide Federal agencies in developing and assessing their information security programs. Each agency must report FISMA compliance annually for the information systems supporting its operations, including systems managed by third parties. Each year, the Office of Management and Budget (OMB) issues guidance in the form of a questionnaire that both the agency Chief Information Officer (CIO) and Inspector General (IG) use to report FISMA compliance.