Why Penetration Testing is Essential for FISMA Compliance?

Source Link: https://qualysec.com/penetration-testing-for-fisma-compliance/ 

FISMA requires federal agencies to create, document, and make operational an agency-wide program. That offers information security for the information and information systems that support agency operations and assets. This also extends to systems controlled by contractors or third parties. The act enforces a risk-driven approach to security, with the provision that agency resources are utilized optimally to secure sensitive information.