OMB POLICY STATEMENTS
OMB Proposes New FISMA Metric For Government Agencies
The Office of Management and Budget has detailed possible new metrics for agencies to use in the annual computer security reporting they do to comply with the Federal Information Security Management Act. The proposed metrics “represent a new approach, which focuses on improving security, not just compliance,” according to a statement posted on the National Institute of Standards and Technology’s Web site. Requirements for FISMA compliance have been often criticized for being too focused on paperwork.