The National Association of State Auditors, Comptrollers and Treasurers


Federal Information Security

Public Laws:

Federal Information Security Management Act of 2002 (FISMA) - FISMA, enacted 12/17/2002, permanently authorizes and strengthens the information security program, evaluation, and reporting requirements for federal agencies.

Cyber Security Research and Development Act (CSRDA) -- CSRDA, enacted 11/27/2002, authorizes funding for new computer and network security research and grant programs.

OMB Guidelines:

Security of Federal Automated Information Resources, Appendix III to OMB Circular No. A-130 -- This Circular, revised 2/8/1996, establishes policy for the management of Federal information resources.

Guidance on Implementing the Government Information Security Reform Act, OMB M-01-08 - This memorandum, dated 1/16/2001, provides guidance to agencies to ensure the proper management and security for the information resources supporting Federal operations and assets.

Guidance on Implementing the Federal Information Security Management Act -- The guidance, issued in XXXX 2003, highlights new requirements set out under the latest security legislation, the Federal Information Security Management Act (FISMA), which was passed as part of the E-Government Act of 2002. Agencies must evaluate the effectiveness of their information security programs periodically throughout the year, rather than simply conduct an annual review. <Need to add this guidance when available>

NIST Security Standards and Guidance:

Special Publications in the 800 series present documents of general interest to the computer security community. The Special Publication 800 series was established in 1990 to provide a separate identity for information technology security publications.