Ver:
Decisión formal
de la autoridad por la que se autoriza la entrada en producción de un sistema
de información, aceptando el riesgo residual al que esté expuesta.
The official
management decision given by a senior organizational official to authorize
operation of an information system and to explicitly accept the risk to
organizational operations (including mission, functions, image, or reputation),
organizational assets, individuals, other organizations, and the Nation based
on the implementation of an agreed-upon set of security controls. [NIST-SP800-53:2013]
All components of
an information system to be authorized for operation by an authorizing official
and excludes separately authorized systems, to which the information system is
connected. [NIST-SP800-53:2013]
A senior
(federal) official or executive with the authority to formally assume
responsibility for operating an information system at an acceptable level of
risk to organizational operations (including mission, functions, image, or
reputation), organizational assets, individuals, other organizations, and the
Nation. [NIST-SP800-53:2013]
The official
management decision issued by a DAA or PAA to authorize operation of an
information system and to explicitly accept the residual risk to agency
operations (including mission, functions, image, or reputation), agency assets,
or individuals. See authorization to operate. [CNSSI_4009:2010]
The official
management decision given by a senior organizational official to authorize
operation of an information system and to explicitly accept the risk to
organizational operations (including mission, functions, image, or reputation),
organizational assets, individuals, other organizations, and the Nation based
on the implementation of an agreed-upon set of security controls.
[CNSSI_4009:2010]
Temporary
authorization granted by a DAA for an information system to process information
based on preliminary results of a security evaluation of the system. (To be
replaced by ATO and POA&M) [CNSSI_4009:2010]
Temas relacionados