Initiation Phase

From FISMApedia
Jump to: navigation, search

The Initiation Phase consists of three tasks: (i) preparation; (ii) notification and resource identification; and (iii) system security plan analysis, update, and acceptance. The purpose of this phase is to ensure that the Authorizing Official and Senior Agency Information Security Officer are in agreement with the contents of the system security plan, including the system's documented security requirements, before the Certification Agent begins the assessment of the security controls in the information system.