Definition Edit

A reportable condition

exists when a security or management control weakness does not rise to level of a significant deficiency, yet is still important enough to be reported to internal management. A security weakness not deemed to be a significant deficiency by agency management, yet affecting the efficiency and effectiveness of agency operations, may be considered a reportable condition. However, due to lower risk, corrective action may be scheduled over a longer period of time. A reportable condition under FISMA is not reported as a material weakness under FMFIA.[1]

References Edit

  1. OMB Memorandum M-04-25, at 8.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.