Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Glossary

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z  |  Symbols

Authorization (as applied to an issuer)

Acronym(s):

None

Definition(s):

  The official management decision of the Designated Authorizing Official to permit operation of an issuer after determining that the issuer’s reliability has satisfactorily been established through appropriate assessment processes.
Source(s): NIST SP 800-79-2

Synonym(s):
Authorization (to operate)
  The official management decision given by a senior organizational official to authorize operation of an information system and to explicitly accept the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation based on the implementation of an agreed-upon set of security controls.
Source(s): NIST SP 800-137 NIST SP 800-161 NIST SP 800-37 Rev. 1 NIST SP 800-53 Rev. 4 NIST SP 800-30 NIST SP 800-39 CNSSI 4009-2015   The official management decision given by a senior organizational official to authorize operation of an information system and to explicitly accept the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation based on the implementation of an agreed-upon set of security controls and privacy controls.
Source(s): NIST SP 800-53A Rev. 4
See Also: