Enacted in 2002, this U.S. law requires every Federal agency to implement information security programs, including significant reporting on compliance and accreditation. What is this law?

FISMA has been in effect since 2002 and was last revised in 2014. It delegated certain information security duties to NIST, OMB, and other government agencies, and appointed the Department of Homeland Security (DHS) as the operational lead for budgets and security guidelines.