Federal Information Security Management Act

1. Name and describe two (2) U.S. based compliance laws that exist.

Six frequently cited U.S. based compliance laws are the Federal Information Security Management Act (FISMA) of 2002, the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the Gramm-Leach-Bliley Act (GLBA) of 1999, the Sarbanes-Oxley Act (SOX) of 2002, the Family Educational Rights and Privacy Act (FERPA) of 1974, and the Children’s Internet Protection Act (CIPA) of 2000. The two I will discuss are:

Federal Information Security Management Act (FISMA) – A U.S. law enacted in 2002 that lays down a comprehensive framework for protecting government information, operations and assets against natural and man-made threats. The act makes each federal agency responsible for protecting its own systems and data, for ensuring that every element of FISMA is complied with, and for integrating security measures throughout the agency in a cost-effective, timely and efficient manner. FISMA also requires that each agency be inspected annually through an independent evaluation (Gibson, 2010, pg. 59). The evaluation tests the effectiveness of the agency's security policies and practices and produces a report identifying that agency's state of compliance. (FISMA was later amended by the Federal Information Security Modernization Act of 2014, which kept the FISMA acronym and the annual independent evaluation requirement.)

Gramm-Leach-Bliley Act (GLBA) – This U.S. based legislation was enacted in 1999. It requires that all financial institutions or companies that offer financial services (loans, credit, financial advice, insurance)