No edit summary |
No edit summary |
||
| Line 6: | Line 6: | ||
The '''Government Information Security Reform Act''' ('''GISRA''') established information security program, evaluation, and reporting |
The '''Government Information Security Reform Act''' ('''GISRA''') established information security program, evaluation, and reporting |
||
| − | requirements for federal agencies. GISRA required agencies to perform periodic threat-based risk assessments for systems and [[data]]. GISRA also required the agency head to ensure that the agency’s information security plan is practiced throughout the life cycle of each agency system. |
+ | requirements for federal agencies. GISRA required agencies to perform periodic threat-based risk assessments for systems and [[data]]. GISRA also required the agency head to ensure that the agency’s information security plan is practiced throughout the life cycle of each agency system. GISRA required agencies to provide training on security awareness for agency personnel and on security responsibilities for information security personnel. |
Revision as of 09:14, 6 January 2008
Citation: Title X, Subtitle G—Government Information Security Reform, Floyd D. Spence National Defense Authorization Act for Fiscal Year 2001, P.L.106-398, October 30, 2000.
The Government Information Security Reform Act (GISRA) established information security program, evaluation, and reporting
requirements for federal agencies. GISRA required agencies to perform periodic threat-based risk assessments for systems and data. GISRA also required the agency head to ensure that the agency’s information security plan is practiced throughout the life cycle of each agency system. GISRA required agencies to provide training on security awareness for agency personnel and on security responsibilities for information security personnel.