U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

external information system service

Definition(s):

  An information system service that is implemented outside of the authorization boundary of the organizational information system (i.e., a service that is used by, but not a part of, the organizational information system) and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.
Source(s):
CNSSI 4009-2015 from NIST SP 800-37 Rev. 1, NIST SP 800-53 Rev. 4
NIST SP 800-37 Rev. 1 [Superseded] under External Information System Service
NIST SP 800-53 Rev. 4 [Superseded] under External Information System Service

  A system service that is implemented outside of the authorization boundary of the organizational system (i.e., a service that is used by, but not a part of, the organizational system) and for which the organization typically has no direct control over the application of required security controls or the assessment of security control effectiveness.
Source(s):
NIST SP 800-171 Rev. 2 under external system service
NIST SP 800-171 Rev. 1 [Superseded] under external system service

  A system service that is implemented outside of the authorization boundary of the organizational system (i.e., a service that is used by, but not a part of, the organizational system) and for which the organization typically has no direct control over the application of required controls or the assessment of control effectiveness.
Source(s):
NIST SP 800-37 Rev. 2 under external system service

  A system service that is provided by an external service provider and for which the organization has no direct control over the implementation of required security and privacy controls or the assessment of control effectiveness.
Source(s):
NIST SP 800-53 Rev. 5 under external system service