Federal Information Security Management Act (FISMA) was enacted five years ago. Bruce Brody, former CISO of the U.S. Department of Energy, isnt so sure those grades are accurate representations of agencies security proficiency. Brody posits that the White Houses Office of Management and Budget should recognize security processes that include continuous system and network scans and the maintainance of audit logs, he says. For more information on FISMA grades, visit Federal Computer Week.”]
Source: https://www.csoonline.com/article/2120519/former-doe-ciso-questions-fisma-paperwork.html