Federal Information Security Management Act (FISMA)

The Federal Information Security Management Act (FISMA) is United States legislation that was signed into law as part of the Electronic Government Act of 2002.

FISMA directs that "Each federal agency shall develop, document, and implement an agency-wide information security program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source..." Federal Information Security Management Act of 2002: Title III of the e-Government Act of 2002.

The UAB FISMA Fact Sheet, UAB FISMA Information Assurance for Research at UAB, and UAB FISMA Compliance FAQ's are meant as guidance in understanding how FISMA applies to your grant or contract.