Chris DeRusha, the federal chief information security officer, said new FISMA metrics will ask agencies for more granular data on how they are meeting administration priorities.