Skip to main content
Explore URMC

URMC CTSI

menu

FISMA

Federal Information Security Management Act (FISMA)

Under some Federal contracts or grants, information the University collects, or information systems the University uses to store research results will need to comply with the information security requirements of FISMA.

In the context of FISMA, the term ‘information security’ means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity and availability.

If you have an RFP, grant or contract that includes FISMA compliance language, you should work with university officials to identify how the federal agency has categorized the information and information systems you will have access to. If necessary, subsequent collaboration with University IT to document security controls will follow.

Contact the Research Help Desk for assistance.