The IT Law Wiki

OMB Memorandum M-14-03

32,054pages on
this wiki
Add New Page
Add New Page Talk0

Citation Edit

Office of Management and Budget, Enhancing the Security of Federal Information and Information Systems (OMB Memorandum M-14-03) (Nov. 18, 2013) (full-text).

Overview Edit

This memorandum provides agencies with guidance for managing information security risk on a continuous basis and builds upon efforts towards achieving the cybersecurity CAP goal. The requirement to manage information security risk on a continuous basis includes the requirement to monitor the security controls in Federal information systems and the environments in which those systems operate on an ongoing basis — one of six steps in the National Institute of Standards and Technology (NIST) Risk Management Framework. This allows agencies to maintain ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions.

Also on Fandom

Random Wiki