The IT Law Wiki


Office of Management and Budget, Guidance on Implementing the Government Information Security Reform Act (OMB Memorandum M-01-08) (Jan. 16, 2001) (full-text).


This guidance focuses on unclassified Federal systems and addresses only those areas of the Government Information Security Reform Act[1] that introduce new or modified requirements. The Act requires for both unclassified and national security programs: (1) annual agency program reviews; (2) annual Inspector General (IG) evaluations; (3) agency reporting to OMB the results of IG evaluations for unclassified systems and audits of IG evaluations for national security programs; and (4) an annual OMB report to Congress summarizing the materials received from agencies. Agencies will submit this information beginning in 2001 as part of the budget process.

The guidance also refers to some of the Act's provisions for national security systems. Unless otherwise specified, implementation of those provisions must be consistent with existing Presidential directives regarding national security systems.


  1. Pub. L. No. 106-398.