GAO: Agencies can’t get FISMA Just Right; DHS Responds That Guidance Needs To Be Updated. A new GAO report says major agencies continue to struggle with implementing the Federal Information Security Management Act. The GAO says the number of agencies able to track identified weaknesses fell to 15 from 20. In 2012, all but one of the 24 major federal agencies had weaknesses in the controls that are intended to limit or detect access to computer resources. A survey of federal IT and IT security managers says 83 percent believe continuous monitoring will improve security at their agencies.”]
Source: https://www.govinfosecurity.com/gao-agencies-cant-get-fisma-just-right-a-6108