Fandom

The IT Law Wiki

Significant deficiency

32,562pages on
this wiki
Add New Page
Talk0 Share

Definitions Edit

Information system Edit

A significant deficiency is

a control deficiency, or combination of deficiencies, in internal control that is less severe than a material weakness, yet important enough to merit attention by those charged with governance.[1]
a weakness in an agency's overall information systems security program or management control structure, or within one or more information systems, that significantly restricts the capability of the agency to carry out its mission or compromises the security of its information, information systems, personnel, or other resources, operations, or assets. In this context, the risk is great enough that the agency head and outside agencies must be notified and immediate or near-immediate corrective action must be taken. A significant deficiency under FISMA is to be reported as a material weakness under the Federal Managers Financial Integrity Act (FMFIA).[2]

References Edit

  1. Information Security: Federal Deposit Insurance Corporation Has Made Progress, but Further Actions Are Needed to Protect Financial Data, at 1 n.3.
  2. OMB Memorandum M-04-25, at 8.

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.