TRENDING:

FISMA , Standards, Regulations & Compliance

OMB Unveils Automated FISMA Reporting System

Substance of Reports Remains the Same as in Earlier Years Eric Chabrow (GovInfoSecurity) • August 24, 2009    
OMB Unveils Automated FISMA Reporting System
Changes are coming to the way federal CIOs will report how their departments and agencies comply with the Federal Information Security Management Act, but the revisions have nothing to do with new ways to measure how secure are government IT systems and networks. Starting this fall, departments and agencies must use a new automated reporting systems to file their annual FISMA and privacy reports.

In a 20-page memo issued Thursday to departmental and agency executive department and agency heads, Jeffrey D. Zients, Office of Management and Budget deputy director for management, and Federal CIO Vivek Kundra said reporting categories and questions are generally the same as last year, and the report will cover the same areas as in previous years.

"While the content of the report has changed little since 2008, the means of collection have changed substantially," the OMB officials wrote. "This year, rather than using spreadsheets, the annual FISMA report data collection will occur via an automated reporting tool. This tool will allow both manual data entry and automatic upload of data."

The memo provided Q&As to help chief information officers, inspectors general and senior agency officials for privacy to better understand the new reporting process. In the coming days, OMB will provide further instructions and a text version of the new system.

OMB extended by two months the deadlines for agencies to file to Nov. 18. The automated system only involves reports filed to OMB; reporting to Congress will continue as in prior years.

Click here for a copy of the memo.

Previous
Air Force Activates Cyber Command in Texas
Next
Size Can be Deceptive: Two-Man IT Security Unit

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.