One of the common standards, regulations and compliance frameworks. Federal Information Security Management Act of 2002 (FISMA) is mandated by United States federal law. Its primary aim is to reduce the security risk to federal information and data while managing federal spending on information security.