The National Institute of Standards and Technology (NIST) developed this guide in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. NIST is responsible for developing standards and guidelines, including minimum requirements, for providing adequate information security for all federal agency operations and assets, but such standards and guidelines shall not apply to national security systems. This guideline is consistent with the requirements of Office of Management and Budget (OMB) Circular A-130, Section 8b (3), (Securing Agency Information Systems) as analyzed in A-130, Appendix IV: Analysis of Key Sections. Supplemental.