The Federal Information Security Management Act (FISMA) is a U.S. law enacted in 2002 to enhance the security of government information systems. It requires federal agencies to develop, document, and implement an information security program to protect sensitive data from unauthorized access and cyber threats. FISMA mandates regular assessments and reporting on the security status of these systems. Agencies must comply with standards set by the National Institute of Standards and Technology (NIST), ensuring a consistent approach to managing information security risks across the federal government.