OMB proposes new FISMA performance metrics

OMB wants feedback on potential metrics

The Office of Management and Budget has detailed possible new metrics for agencies to use in the annual computer security reporting they do to comply with the Federal Information Security Management Act.

The proposed metrics “represent a new approach, which focuses on improving security, not just compliance,” according to a statement posted on the National Institute of Standards and Technology’s Web site. Requirements for FISMA compliance have been often criticized for being too focused on paperwork.

OMB asked that comments on the potential metrics be sent to by Jan. 4, 2010.

In the OMB’s report to Congress on agencies’ FISMA implementation during fiscal 2008, OMB said it would review the security metrics agencies use to report their compliance with FISMA and it may develop new metrics to improve the assurance of information security.

“These metrics should encourage agencies to take concrete steps to improve their security posture by implementing monitoring tools, strengthening areas such as identity and configuration management, and reporting on four new categories: remote access management, identity and access management, data level controls, real-time security awareness and management,” the statement, posted Dec. 8, said.

About the Author

Ben Bain is a reporter for Federal Computer Week.


  • Congress
    U.S. Capitol (Photo by M DOGAN / Shutterstock)

    Funding bill clears Congress, heads for president's desk

    The $1.3 trillion spending package passed the House of Representatives on March 22 and the Senate in the early hours of March 23. President Trump is expected to sign the bill, securing government funding for the remainder of fiscal year 2018.

  • 2018 Fed 100

    The 2018 Federal 100

    This year's Fed 100 winners show just how much committed and talented individuals can accomplish in federal IT. Read their profiles to learn more!

  • Census
    How tech can save money for 2020 census

    Trump campaign taps census question as a fund-raising tool

    A fundraising email for the Trump-Pence reelection campaign is trying to get supporters behind a controversial change to the census -- asking respondents whether or not they are U.S. citizens.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.