Under some Federal contracts or grants, information the University collects, or information systems the University uses to store research results will need to comply with the information security requirements of FISMA.
In the context of FISMA, the term ‘information security’ means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity and availability.
If you have an RFP, grant or contract that includes FISMA compliance language, you should work with university officials to identify how the federal agency has categorized the information and information systems you will have access to. If necessary, subsequent collaboration with University IT to document security controls will follow.
Contact ResearchHelp@urmc.rochester.edu for assistance.