Question

A company contracted by the Department of Defense is bound to comply with the Federal Information Security Management Act (FISMA) to reduce the security risk to federal information and data while managing federal spending on information security. This compliance pertains to which type of legislation?

A. National
B. Industry specific
C. International
D. Non-regulatory

Answer 1

A company contracted by the Department of Defense is required to comply with FISMA as part of National legislation, which aims to protect federal information and optimize spending on information security within the United States. Option number b is correct.

Step-by-step explanation:

The compliance that a company contracted by the Department of Defense must adhere to under the Federal Information Security Management Act (FISMA) pertains to National legislation.

This act is one of several statutes, such as the National Security Act and the Patriot Act, that regulate government activity in the realm of information security and foreign policy. FISMA is designed to manage the risks to federal information and reduce federal spending on information security. National legislation like FISMA is part of a larger framework that includes the Freedom of Information Act (FOIA) and the Children's Online Privacy Protection Act (COPPA), intended to promote transparency and protect privacy within the boundaries of the United States.