The Federal Information Security Management Act (FISMA) provides a framework to protect government information operations against security threats. H.R. 5300 would clarify that, under FISMA, federal agencies have the sole and exclusive authority to take appropriate and timely actions to secure their information technology and information systems. CBO estimates that implementing H.R. 5300 would clarify Congressional intent, but it would have no significant effect on the federal budget because it would not expand the duties of executive agencies.
Enacting the bill could affect direct spending by agencies not funded through annual appropriations; therefore, pay-as-you-go procedures apply. CBO estimates, however, that any net change in spending by those agencies would be negligible. Enacting H.R. 5300 would not affect revenues.
CBO estimates that enacting H.R. 5300 would not significantly increase net direct spending or on-budget deficits in any of the four consecutive 10-year periods beginning in 2029.
H.R. 5300 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act.
