An official website of the United States government
Here's how you know
Official websites use .gov A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search | CMS Information Security and Privacy Program
Information and templates to ensure federal security standards are met when acquiring new IT products or services at CMSWhat are the security and privacy requirements for IT procurements …
A plan that defines the overarching strategy for managing risk associated with the operation of CMS FISMA systems. Introduction The Centers for Medicare & Medicaid Services (CMS) operates …
A plan designed to help CMS staff understand the specific requirements of the Privacy Program at CMS Privacy program at CMS Use and disclosure As authorized …
A volunteer board comprised of ISPG staff and the ISSO community designed to promote collaboration on cybersecurity and privacy issuesWhat is the CMS Information Security Advisory Board (CISAB)? The …
A structured list of the components and modules that make up a piece of software, and the supply chain relationships between themWhat is an SBOM? A “Software Bill of Materials” (SBOM …
Supporting the continuous compliance and safety of FISMA systems through proactive, ongoing monitoring activitiesWhat is Ongoing Authorization (OA)? All FISMA systems must be …
ISPG program that provides skilled Information System Security Officers (ISSOs) to CMS components in need of professional security and privacy supportWhat is ISSO As A Service (ISSOaaS)? Information System Security …
ISPG program that pairs CMS Information System Security Officers (ISSOs) with their peers for knowledge sharing and supportWhat is the ISSO Mentorship Program? The CMS ISSO Mentorship …