Editor’s Note: OMB’s FISMA reporting memorandum is attached here.
The Memororandum from OMB Deputy Director for Management Jeffrey Zients stresses three priorities:
This year, agencies have continued to focus on implementing the Administration’s three cybersecurity priorities established in fiscal year (FY) 2011: 1) Continuous Monitoring; 2) Trusted Internet Connection capabilities and traffic consolidation; and 3) strong authentication using HSPD-12 Personal Identity Verification cards for logical access. These priorities focus Federal agency efforts to identity who is on their networks, what is on their networks and when network security posture changes, and what is entering and existing on their networks. The FY 2012 FISMA metrics issued by the Department of Homeland Security established minimum and target levels of performance for these priorities, as well as metrics for other key performance areas.
For more information about the Continuous Monitoring aspects of the OMB FISMA reporting instructions, please see CRE’s Continuous Monitoring Discussion Forum here.
The instructions reference an earlier OMB Memorandum, M-10-28, Clarifying Cybersecurity Responsibilities and Activities of the Executive Office of the President and the Department of Homeland Security (DHS), which for ease of reference is attached here.
The Memorandum includes two attachements, the FY 2012 FISMA Reporting Guidance and FY 2012 Frequently Asked Questions on Reporting for the Federal Information Security Management Act and Agency Privacy Management.
Leave a Reply