Establecer un
acuerdo mediante el cual una organización externa realiza parte de una función
o proceso de una organización.
[UNE-ISO/IEC 27000:2014]
make an
arrangement where an external organization performs part of an organizations
function or process [ISO/IEC 27000:2014]
An information
system or component of an information system that is outside of the
authorization boundary established by the organization and for which the
organization typically has no direct control over the application of required
security controls or the assessment of security control effectiveness. [CNSSI_4009:2010]
An information
system service that is implemented outside of the authorization boundary of the
organizational information system (i.e., a service that is used by, but not a
part of, the organizational information system) and for which the organization
typically has no direct control over the application of required security
controls or the assessment of security control effectiveness. [CNSSI_4009:2010]
A network not
controlled by the organization. [CNSSI_4009:2010]
Temas relacionados