U.S. Department of Health and Human Services
FISMA creates a tie between an agency’s implementation of their security program and the agency’s budget for IT. The annual FISMA report includes input from HHS’s Chief Information Officer, the Office Inspector General, and HHS’s Senior Agency Official for Privacy (SAOP). The exact content of the report is determined by the Office of Management and Budget (OMB) and may change from year to year.
Page 2 of 8
Information Security and the EPLC FISMA