CRE Homepage About The CRE Advisory Board Newsletter Search Links Representation Comments/Ideas
Data Access
Data Quality
Regulation by Litigation
Regulation by Appropriation
Special Projects
CRE Watch List
OMB Papers
Abstracts and Reviews
Regulatory Review
Voluntary Standards Program
CRE Report Card
Public Docket Preparation
Consumer Response Service
Site Search

Enter keyword(s) to search

OMB: Defining Security Reporting Policies
The OMB is being asked to clarify security reporting policies for minor systems by members of the federal Chief Information Security Officers Forum. The confusion stems from the Federal Information Security Management Act of 2002 (FISMA), of which OMB gave no examples of how to run minor systems. Common systems for all federal agencies under FISMA guidelines would be more efficient according to the memo.

"Without actual examples, there's always room for interpretation."

"FISMA is pretty clear on the major systems; it's all the other little cats and dogs, the minor systems," about which the rules are unclear.

  • Click to learn more.