Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Glossary

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z  |  Symbols

Authorizing Official (AO)

Acronym(s):
AO
Definition(s):

  Official with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals.
Source(s): FIPS 200
NIST SP 800-18 Rev. 1 (NIST SP 800-37)
NIST SP 800-60 Vol 1 Rev. 1 (FIPS 200, NIST SP 800-37)

  A senior (federal) official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.
Source(s): NIST SP 800-128 (CNSSI 4009)
NIST SP 800-37 Rev. 1
NIST SP 800-53 Rev. 4
NIST SP 800-137 (CNSSI 4009)
NIST SP 800-53A Rev. 4 (NIST SP 800-37)
CNSSI 4009-2015 (NIST SP 800-37 Rev. 1, NIST SP 800-53 Rev. 4)

  Senior (federal) official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.
Source(s): NIST SP 800-39 (CNSSI 4009)
NIST SP 800-30 (CNSSI 4009)

  Senior federal official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation.
Source(s): NIST SP 800-161 (CNSSI 4009)

Synonym(s):
See Also: