skip to main content

H.R. 3844 (107th): Federal Information Security Management Act of 2002

We don’t have a summary available yet.

The summary below was written by the Congressional Research Service, which is a nonpartisan division of the Library of Congress, and was published on Mar 5, 2002.

Federal Information Security Management Act of 2002 - Requires the Director of the Office of Management and Budget to oversee Federal agency information security policies and practices, including by requiring each Federal agency to identify and provide information security protections commensurate with the risk and magnitude of harm resulting from the unauthorized use, disclosure, disruption, modification, or destruction of information or information systems. Requires each agency's senior officials to provide security for the information and systems that support their operations and assets and to develop plans and procedures to ensure the continuity of such information and systems.Requires the: (1) Director to establish and operate a central Federal information security incident center; and (2) head of each agency operating or controlling a national security system to take measures to protect such system.Authorizes appropriations for FY 2003 through 2007 for information security.Requires the Director (currently, the Secretary of Commerce) to promulgate standards and guidelines pertaining to Federal information (currently, computer) systems.Requires the National Institute of Standards and Technology to: (1) develop and submit to the Director standards and guidelines for information (currently, computer) systems used or operated by or for a Federal agency, other than national security systems; and (2) provide adequate security for such systems. Establishes in the Institute an Office for Information Security Programs.Renames the Computer System Security and Privacy Advisory Board as the Information Security Advisory Board.