Describe FISMA.

What will be an ideal response?

FISMA is an omnibus regulation for the federal government and its agencies. Its intent is to define all of the necessary controls and procedural protections required to ensure information security in all of the federal space. FISMA requires every federal agency to develop, document, and implement an enterprise-wide program to secure information and information systems that support the operations and assets of every federal agency. The scope of that mandate includes those systems provided or managed by agency contractors, or other sources. FISMA is a piece of legislation; therefore, as is the usual case with legislation, the actual means of implementing the federal law is left up to the National Institute of Standards and Technology (NIST).