Home / Technology / OMB Memo Asks Agencies to Send Monthly Continuous Monitoring Reports

OMB Memo Asks Agencies to Send Monthly Continuous Monitoring Reports

The Office of Management and Budget announced that agencies no longer need to do a three-year security reauthorization for information systems, Fierce Government IT reports.

Jeff Zients, OMB’s acting director, told agencies in a memo they should instead just enforce more frequent reporting of ongoing authorizations of information systems through continuous monitoring programs.

In the Oct. 2 memo, OMB said that agencies should submit monthly reports that follow the National Institute for Standards and Technology‘s guide on applying a risk management framework to information systems.

Zients noted that small and micro agencies are not required to send the monthly reports but are encouraged to do so.

The reports should also follow FISMA reporting guidance and be submitted to CyberScope every fifth day of the month, the memo said.

Agency chief information officers are required to respond to quarterly security posture questions while inspector generals will do so annually.

Continuous monitoring was part of a proposed update to the Federal Information Systems Management Act passed in April.

Check Also

DIU Accelerating Satcom, Space Tech Contract Awards

Col. Steve Butow, space portfolio director for the Defense Innovation Unit, said that the recently established agency is looking to issue its first contract award within 60 days, Space News reported Tuesday. “At DIU, we don’t like to pick winners, we build menus. Sometimes we get two solutions that are quite unique and we want both of them,” he noted during this year's Space Tech Expo in Pasadena, Calif. 

Leave a Reply

Your email address will not be published. Required fields are marked *