U.S. O.M.B. A-130 Authoritative Source Content

Document created by Susan Read-Miller Employee on Apr 30, 2018Last modified by Susan Read-Miller Employee on Aug 19, 2019
Version 7Show Document
  • View in full screen mode

Agencies of the Federal Government depend on the secure acquisition, processing, storage, transmission, and disposition of information to carry out their core missions and business functions. Federal agencies must implement information security programs and privacy programs with the flexibility to meet current and future information management needs and the sufficiency to comply with Federal requirements. Agency programs must have the capability to identify, respond to, and recover from current threats while protecting their information resources and the privacy of the individuals whose information they maintain. The programs must also have the capability to address new and emerging threats. To be effective, information security and privacy considerations must be part of the day-to-day operations of agencies.

 

Appendix I to O.M.B. Circular No. A-130 establishes:

  • Minimum requirements for Federal information security programs
  • Assigns Federal agency responsibilities for the security of information and information systems
  • Links agency information security programs and agency management control systems established in accordance with OMB Circular No. A-123.

 

Appendix III to O.M.B. Circular No. A-130 establishes:

  • A minimum set of controls to be included in Federal automated information security programs
  • Assigns Federal agency responsibilities for the security of automated information
  • Links agency automated information security programs and agency management control systems established in accordance with O.M.B. Circular No. A-123.

 

The Appendix revises procedures formerly contained in Appendix III to O.M.B. Circular No. A-130 (50 FR 52730; December 24, 1985), and incorporates requirements of the Computer Security Act of 1987 (P.L. 100-235) and responsibilities assigned in applicable national security directives.

 

RSA Archer provides authoritative source content for the following U.S. O.M.B. Circular No. A-130 Appendices:

 

Languages

This content is available in English only.

 

Mappings

Control standard mappings are not available for this authoritative source.

 

Content Source

Links to the content sources are provided in the listing above.

 

Licensing Restrictions

The authoritative source content is available with the use of the RSA Archer Policy Program Management, RSA Archer Controls Monitoring Program Management, and/or RSA Archer Authorization and Assessment use cases. No additional license is required.

 

For More Information

To learn more about the U.S. O.M.B. Circular No. A-130 Authoritative Source Content:

 

For Additional Support

To learn more about this content, please contact your Account Rep for additional details. For technical support questions, please open a support case or contact RSA Archer at archersupport@rsa.com for more information.

Attachments

    Outcomes