FISMA

The Federal Information Security Management Act (FISMA) is a federal law that requires the U.S. federal government to adhere to stringent information security requirements for all information systems that it operates. FISMA is implemented through a combination of publications and guidance documents developed by the National Institute of Standards and Technology (NIST), mandatory Federal Information Processing Standards (FIPS), memorandums and circulars published by the Office of Management and Budget (OMB), and various other agencies and regulatory authorities that are tasked with coordinating information security-related initiatives.

To help satisfy FISMA requirements when Docker Enterprise Edition is included as part of your information system, we’ve provided guidance that aligns to one of the law’s key documents, NIST Special Publication (SP) 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (link to external publication).

We’ll be updating this section with additional guidance for other FISMA-related documents over time.
