Under which act is there a delegation of responsibility to develop federal information security standards?

The correct answer pertains to the Federal Information Security Management Act (FISMA), which delegates the responsibility for developing federal information security standards to the National Institute of Standards and Technology (NIST). This Act was established as part of the e-Government Act of 2002 and requires federal agencies to secure their information systems and provide guidance on security practices, emphasizing risk management and system protection.

The Computer Security Act, while it did establish some initial security requirements for federal computer systems, primarily aimed to set forth basic security principles and does not specifically delegate the development of comprehensive federal information security standards like FISMA does.

The other acts mentioned, such as the Homeland Security Act, primarily focus on broader elements of national security and emergency management, rather than the specific mechanisms of information security standard development. The Paperwork Reduction Act deals with minimizing the paperwork burden on individuals and businesses and is not related to information security standards either.

Understanding these distinctions clarifies the foundational role that FISMA plays in creating a structured approach to information security within federal agencies, guiding the creation and enforcement of relevant standards.