Which legislation requires federal agencies to implement an agency-wide information security program?

The Federal Information Security Management Act (FISMA) is the legislation that mandates federal agencies to develop and implement an agency-wide information security program. This legislation was enacted to improve the security and protection of government information and information systems. FISMA emphasizes the need for a comprehensive framework to ensure that information security risks are adequately managed and mitigated. It requires agencies to assess their information security policies, perform regular audits, and report on their security posture to ensure compliance, thereby enhancing the overall security of federal information systems. Understanding FISMA is essential for professionals in administrative roles, as it guides the practices and procedures needed to uphold information security standards within federal agencies.