|
| leghisturl = http://thomas.loc.gov/cgi-bin/bdquery/z?d107:HR03844:@@@X | introducedin = House | introducedbill = | introducedby = Thomas M. Davis (R–VA) | introduceddate = March 5, 2002 | committees = House Government Reform, House Science | passedbody1 = House | passeddate1 = November 15, 2002 | passedvote1 = passed without objection | passedbody2 = Senate | passedas2 = | passeddate2 = November 15, 2002 | passedvote2 = passed unanimous consent | conferencedate = | passedbody3 = | passeddate3 = | passedvote3 = | agreedbody3 = | agreeddate3 = | agreedvote3 = | agreedbody4 = | agreeddate4 = | agreedvote4 = | passedbody4 = | passeddate4 = | passedvote4 = | signedpresident = George W. Bush | signeddate = December 17, 2002 | unsignedpresident = | unsigneddate = | vetoedpresident = | vetoeddate = | overriddenbody1 = | overriddendate1 = | overriddenvote1 = | overriddenbody2 = | overriddendate2 = | overriddenvote2 = | amendments = | SCOTUS cases = }} The Federal Information Security Management Act of 2002 ("FISMA", , ''et seq.'') is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002 (, ). The act recognized the importance of information security to the economic and national security interests of the United States. The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.〔 FISMA has brought attention within the federal government to cybersecurity and explicitly emphasized a "risk-based policy for cost-effective security."〔 FISMA requires agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency’s information security program and report the results to Office of Management and Budget (OMB). OMB uses this data to assist in its oversight responsibilities and to prepare this annual report to Congress on agency compliance with the act.〔FY 2005 Report to Congress on Implementation of The Federal Information Security Management Act of 2002〕 In FY 2008, federal agencies spent $6.2 billion securing the government’s total information technology investment of approximately $68 billion or about 9.2 percent of the total information technology portfolio.〔FY 2008 Report to Congress on Implementation of The Federal Information Security Management Act of 2002〕 ==Purpose of the act== FISMA assigns specific responsibilities to federal agencies, the National Institute of Standards and Technology (NIST) and the Office of Management and Budget (OMB) in order to strengthen information security systems. In particular, FISMA requires the head of each agency to implement policies and procedures to cost-effectively reduce information technology security risks to an acceptable level.〔 According to FISMA, the term ''information security'' means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality and availability 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Federal Information Security Management Act of 2002」の詳細全文を読む スポンサード リンク
|