All components of an information system to be authorized for operation by an authorizing official and excludes separately authorized systems, to which the information system is connected.
Sources:
NIST SP 800-137
under Authorization Boundary
NIST SP 800-30 Rev. 1
under Authorization Boundary
from
CNSSI 4009
NIST SP 800-39
under Authorization Boundary