FISMA , Standards, Regulations & Compliance

OMB Unveils Automated FISMA Reporting System

Substance of Reports Remains the Same as in Earlier Years
OMB Unveils Automated FISMA Reporting System
Changes are coming to the way federal CIOs will report how their departments and agencies comply with the Federal Information Security Management Act, but the revisions have nothing to do with new ways to measure how secure are government IT systems and networks. Starting this fall, departments and agencies must use a new automated reporting systems to file their annual FISMA and privacy reports.

In a 20-page memo issued Thursday to departmental and agency executive department and agency heads, Jeffrey D. Zients, Office of Management and Budget deputy director for management, and Federal CIO Vivek Kundra said reporting categories and questions are generally the same as last year, and the report will cover the same areas as in previous years.

"While the content of the report has changed little since 2008, the means of collection have changed substantially," the OMB officials wrote. "This year, rather than using spreadsheets, the annual FISMA report data collection will occur via an automated reporting tool. This tool will allow both manual data entry and automatic upload of data."

The memo provided Q&As to help chief information officers, inspectors general and senior agency officials for privacy to better understand the new reporting process. In the coming days, OMB will provide further instructions and a text version of the new system.

OMB extended by two months the deadlines for agencies to file to Nov. 18. The automated system only involves reports filed to OMB; reporting to Congress will continue as in prior years.

Click here for a copy of the memo.


About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.