The Office of Management and Budget issued guidelines to help federal agencies comply with the Federal Information Security Modernization Act, also known as FISMA, for fiscal year 2024.
The guidance includes requirements and deadlines for submitting FISMA reports to OMB and the Department of Homeland Security, OMB announced Monday.
The Budget Office emphasized the importance of FY 2024 in laying the foundation to meet the Biden administration’s goals under the executive order on improving national cybersecurity. Objectives such as zero trust implementation measurement in 2024 are also critical in achieving OMB’s pledge to transition the government toward zero trust principles.
One of the recommendations in the new memo is the identification and inventory of Internet of Things devices, prioritizing those that are critical to agencies operations. OMB also noted that the Federal Chief Information Security Officer Council will create a working group tasked to develop best practices for IoT and operational technology security.
Under FISMA, all agencies are required to submit their annual Chief Information Officer and Senior Agency Official for Privacy metrics as well as annual reports from their respective inspectors general by Oct. 31, 2024.