Risk ManagementUnited States
FISMA
FISMA is the Federal Information Security Modernization Act of 2014 (Public Law 113-283), amending the Federal Information Security Management Act of 2002 + codified at 44 USC Chapter 35 Subchapter II (sections 3551-3559). FISMA is the US federal statutory framework for information security applying to all federal agencies (excluding national-security systems covered separately) + contractors operating systems on behalf of federal agencies.
Domains
FISMA: Annual Independent Evaluation (IG Audit) and OMB FISMA Report
FISMA: Coordination with FedRAMP, EO 14028, OMB Memoranda and Status
FISMA: Statutory Structure (44 USC 3551-3559) and Definitions
FISMA: OMB + CISA Authority + Binding Operational Directives
FISMA: National Security Systems Exclusion + CIRCIA + Zero Trust
Compare FISMA
FISMA by Industry
FISMA by Role
Frequently Asked Questions
What is FISMA?
FISMA is the Federal Information Security Modernization Act of 2014 (Public Law 113-283), amending the Federal Information Security Management Act of 2002 + codified at 44 USC Chapter 35 Subchapter II (sections 3551-3559). FISMA is the US federal statutory framework for information security applying to all federal agencies (excluding national-security systems covered separately) + contractors operating systems on behalf of federal agencies.
How many controls does FISMA have?
FISMA contains 12 controls organized across 7 domains.
Where does FISMA apply?
FISMA is applicable in United States. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.
What frameworks does FISMA map to?
FISMA has control-to-control mappings with 99 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.
How do I get started with FISMA compliance?
Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.
How ready are you for FISMA?
Answer 25 questions and get a professional readiness report with gap analysis, maturity scores, and prioritised action items. Results in 5 minutes.