The type of organization that is the authority for the checklist. The three types are Governmental Authority, Software Vendor, and Third Party (e.g., security organizations).
Sources:
NIST SP 800-70 Rev. 4