Useful Links

The links below serve as helpful background.


FISMA – Federal law mandating increased focus on information security and stronger security controls for information systems in the Federal Executive branch.

Federal Information Security Management Act of 2002

Federal Information Security Modernization Act of 2014

FISMA Overview


Office of Management and Budget (OMB) – Office responsible for executing the President’s directives in a variety of areas, one of them being federal financial information management.

Information for Agencies

OMB Circulars



OMB Memoranda – Memoranda are updated every year, changing the numbers and titles each time. Check this link for the most current memoranda.

National Institute of Standards and Technology – Government organization tasked with arbitrating the standards and producing the publications that govern FISMA.

Special Publications

SP 800-37 (Risk Management Framework)

SP 800-53 (Security Controls)

Federal Information Processing Standards

Certification & Accreditation

Ongoing Authorization


FedRAMP – Process developed for Cloud Service Providers who want to sell their services to federal agencies.


CIO Metrics – Federal CIO Council’s oversight and assessment concerning cybersecurity of federal agencies by FISMA and agency-specific standards.