
Federal Information Security Management Act


Discussion 1:

The E-Government Act, passed by the 107th Congress and signed into law by the President in December 2002, recognized the importance of information security to the economic and national security interests of the United States. Title III of the E-Government Act, entitled the Federal Information Security Management Act (FISMA), requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. FISMA, along with the Paperwork Reduction Act of 1995 and the Information Technology Management Reform Act of 1996 (Clinger-Cohen Act), explicitly emphasizes a risk-based approach to cost-effective security. In support of and reinforcing this legislation, the Office of Management and Budget (OMB), through Circular A-130, Security of Federal Automated Information Resources, requires executive agencies within the federal government to: (1) plan for security, (2) ensure that appropriate officials are assigned security responsibility, (3) periodically review the security controls in their information systems, and (4) authorize system processing prior to operations and, periodically, thereafter.


Hulitt, E., & Vaughn, R. B. (2010). Information system security compliance to FISMA standard: a quantitative measure. Telecommunication Systems, 45(2-3), 139-152.

Ross, R. (2007). Managing enterprise security risk with NIST standards. Computer, 40(8), 88-91.

Discussion 2:

FISMA, also known as the Federal Information Security Management Act, was enacted in the year 2002. It is currently being revised. The main purpose of bringing this act into existence was to establish a clear criterion for improving federal agencies' cyber security (Ross, 2005). The various practices implemented to ensure the effectiveness of risk management in the federal sector include shifting the focus from managing risks at the information systems level to the enterprise level (Scott Paquette, 2010). The information flow is categorized, and on the basis of the information level, protection strategies and security requirements are identified. The risk management framework involves six steps: categorization of the information systems, selection of the security controls, implementation of those controls, assessment, authorization, and monitoring (Vaughn, 2010).


Ross, R. (2005). The new FISMA standards and guidelines changing the dynamic of information security for the federal government. Military Communications Conference, 2, 864-870.

Scott Paquette, P. T. (2010). Identifying the security risks associated with governmental use of cloud computing. Government Information Quarterly, 27(3), 245-253.

Vaughn, E. H. (2010). Information system security compliance to FISMA standard: a quantitative measure. Telecommunication Systems, 45(2), 139-152.

Discussion 3:

The Federal Information Security Management Act (FISMA) mandate involves managing security risks to federal data that is accessed through the Internet. In that regard, FISMA takes priority by carrying out annual reviews of security risks concerning programs, in collaboration with various security agencies (Rouse, 2015). The overall objective of FISMA is to facilitate a cost-effective, efficient, and prompt approach to countering IT security risks that may threaten the safety of federal data over the Internet. The mandate of FISMA and its associated components lies in categorizing, selecting, refining, documenting, and implementing procedures regarding risk assessment (Gibson, 2011). Hence, FISMA serves the purpose of assessing current security measures in line with imminent risks to determine the level of risk, and lays the framework to solve the issues once they occur. Later, the agencies can authorize information systems to process the data with the sole aim of enhancing its safety through cyber security.


Gibson, D. (2011). Managing risk in information systems. Sudbury, Mass.: Jones & Bartlett Learning.

Rouse, M. (2013, May 1). What is Federal Information Security Management Act (FISMA)? - Definition from Retrieved September 18, 2015.

Discussion 4:

The US government has encountered enormous risks in terms of mismanagement as it endeavors to offer services to its citizens, leading to costly damages and widespread ripple effects. However, measures have been taken to curb information systems risk through legislation. According to Gantz and Philpott (2013), the Federal Information Security Management Act (FISMA) has created a framework in which federal government agencies secure information systems while managing the risks that emerge from information resources within the agencies. The act has led to consistent and repeatable security control assessments among government agencies. FISMA has emphasized cost-effective reduction of information security risks by formulating protective measures that seek to minimize risks and are acceptable across all government agencies.

The widespread use of computer technology and cyber-security in government agencies led to a review of FISMA in 2014 to strengthen information security roles in the Department of Homeland Security (DHS), as well as the Office of Management and Budget (OMB) ("Actions Needed," 2015). For effective risk management, FISMA has collaborated with the National Institute of Standards and Technology (NIST) in the fight against cybercrime and other risks by developing and encouraging implementation of strategies to adopt cloud-computing systems in the federal government. Through effective risk management, information technology and systems have guaranteed high economic performance and innovation in the federal government agencies.


Actions Needed to Address Challenges Facing Federal Systems. (2015). GAO Reports, 1-19.

Gantz, S. D., & Philpott, D. R. (2013). FISMA and the risk management framework: The new practice of federal cyber security. Boston: Syngress.




Federal Information Security Management Act

It is not an overstatement to say that technology plays an indispensable role in the world today. Still, the rise in technology has brought with it a myriad of other vices. Cyber-crime, for instance, has seen a steady rise in recent years. The information technology sector has experienced repeated attacks from both within and outside organizations. It is for this sole reason that, in 2002, after ratification by the 107th Congress, the then US president, George W. Bush, passed the E-Government Act into law.

