****FIPS (Federal Information Processing Standards) are standards describing the document processing, encryption algorithms and other information technology standards for use by non-military US Government agencies and the contractors and vendors working with them.
FIPS are developed by National Institute of Standards and Technology (NIST) when required by statute and/or as needed due to compelling federal government cyber security requirements. NIST issues FIPS publications pursuant to the Section 5131 of the Information Technology Management Reform Act of 1996 (Public Law 104-106), and the Computer Security Act of 1987 (Public Law 100-235).
The Federal Information Security Management Act (FISMA) of 2002 (as amended by the Federal Information Security Modernization Act (FISMA) of 2014) does not include a statutory provision allowing federal agencies to waive the provisions of mandatory FIPS publications. Such waivers were previously allowed under the Computer Security Act which was superseded by FISMA.
FIPS publications are not applicable to national security systems.