April 20, 2012
As ordered reported by the House Committee on Oversight and Government Reform on April 18, 2012
H.R. 4257 would amend the Federal Information Security Management Act of 2002 (FISMA) to improve the security of federal information technology systems. The legislation would require continuous monitoring of computer systems and provide the Office of Management and Budget (OMB) and federal agencies with specific new responsibilities to secure federal information systems.
Based on information from the Department of Homeland Security (DHS), the Office of Management and Budget (OMB), and other major agencies working to ensure the security of federal information systems, CBO estimates that implementing H.R. 4257 would cost $710 million over the 2013-2017 period, assuming appropriation of the necessary amounts. Most of those funds would be spent on salaries, expenses, and computer hardware and software. Enacting the bill would not affect direct spending or revenues; therefore, pay-as-you-go procedures do not apply.
H.R. 4257 contains no intergovernmental or private-sector mandates as defined in the Unfunded Mandates Reform Act (UMRA) and would impose no costs on state, local, or tribal governments.