Term:Accreditation
Contents
- 1 CNSSI 4009
- 2 DoDD 8581.01
- 3 DoDI 8100.03
- 4 DSS Glossary
- 5 GAO-09-232G
- 6 NIST FIPS 200
- 7 NIST IR 7298
- 8 NIST IR 7328 Draft
- 9 NIST SP 800-16
- 10 NIST SP 800-18r1
- 11 NIST SP 800-26
- 12 NIST SP 800-32
- 13 NIST SP 800-37
- 14 NIST SP 800-39 Draft 2
- 15 NIST SP 800-40
- 16 NIST SP 800-53A
- 17 NIST SP 800-53r1
- 18 NIST SP 800-53r2
- 19 NIST SP 800-60r1V1
- 20 NIST SP 800-60r1V2
- 21 NIST SP 800-79-1
- 22 NIST SP 800-82 Final Draft
- 23 NSTISSI 1000
CNSSI 4009
Accreditation - Formal declaration by a Designated Accrediting Authority (DAA) that an IS is approved to operate at an acceptable level of risk, based on the implementation of an approved set of technical, managerial, and procedural safeguards. (See security safeguards.)
DoDD 8581.01
Accreditation - Formal declaration by a DAA that an IS is approved to operate in a particular security mode at an acceptable level of risk, based on the implementation of an approved set of technical, managerial, and procedural safeguards ( reference (h)). E2.1.1.
DoDI 8100.03
Accreditation - Formal declaration by the DAA that an IT system is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk. E2.1.1.
DSS Glossary
Accreditation - Formal certification by a cognizant security authority that a facility, designated area, or information system has met Director of National Intelligence security standards for handling, processing, discussing, disseminating, or storing Sensitive Compartmented Information.
GAO-09-232G
Accreditation - The official management decision given by a senior agency/entity official to authorize operation of an information system and to explicitly accept the risk to agency/entity operations (including mission, functions, image, or reputation), agency/entity assets, or individuals, based on the implementation of an agreedupon set of security controls.
NIST FIPS 200
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.
NIST IR 7298
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. SOURCE: SP 800-53; FIPS 200
NIST IR 7328 Draft
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [FIPS 200, NIST SP 800- 37]
NIST SP 800-16
Accreditation - also known as authorize processing (OMB Circular A-130, Appendix III), and approval to operate. Accreditation (or authorization to process information) is granted by a management official and provides an important quality control. By accrediting a system or application, a manager accepts the associated risk. Accreditation ( authorization) must be based on a review of controls. (See Certification.)
NIST SP 800-18r1
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [NIST SP 800-37]
NIST SP 800-26
Accreditation - Accreditation is synonymous with the term authorize processing. Accreditation is the authorization and approval granted to a major application or general support system to process in an operational environment. It is made on the basis of a certification by designated technical personnel that the system meets pre-specified technical requirements for achieving adequate system security. See also Authorize Processing, Certification, and Designated Approving Authority.
NIST SP 800-32
Accreditation - Formal declaration by a Designated Approving Authority that an Information System is approved to operate in a particular security mode using a prescribed set of safeguards at an acceptable level of risk.
NIST SP 800-37
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.
NIST SP 800-39 Draft 2
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [FIPS 200, NIST SP 800-37]
NIST SP 800-40
Accreditation - The process by which certification is reviewed, and formal declaration made that a system is approved to operate and interconnect at an acceptable level of risk.
NIST SP 800-53A
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [FIPS 200, NIST SP 800-37]
NIST SP 800-53r1
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls.
NIST SP 800-53r2
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [FIPS 200, NIST SP 800-53r237]
NIST SP 800-60r1V1
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [FIPS 200, NIST SP 800-37]
NIST SP 800-60r1V2
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [FIPS 200, NIST SP 800-37]
NIST SP 800-79-1
Accreditation (as applied to a PCI)- The official management decision of the Designated [[Term:Accreditation Authority | Accreditation Authority]] to authorize operation of a PCI after determining that the PCI's reliability has satisfactorily being established through appropriate assessment processes.
NIST SP 800-82 Final Draft
Accreditation - The official management decision given by a [[Term:senior agency official | senior agency official]] to authorize operation of an information system and to explicitly accept the risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals, based on the implementation of an agreed-upon set of security controls. [NIST SP 800-53 Revision 1, Recommended Security Controls for Federal Information Systems, July 2006.]
NSTISSI 1000
Accreditation - Formal declaration by a Designated Approving Authority (DAA) that an IS is approved to operate in a particular security mode using a prescribed set of safeguards to an acceptable level of risk.
- Term
- CNSSI 4009 Terms
- CNSS Terms
- NIACAP Terms
- DIACAP Terms
- DoDD 8581.01 Terms
- DoD Terms
- DoDI 8100.03 Terms
- DSS Glossary Terms
- DSS Terms
- GAO-09-232G Terms
- FISCAM Terms
- GAO Terms
- NIST FIPS 200 Terms
- FISMA Terms
- NIST IR 7298 Terms
- NIST IR 7328 Draft Terms
- NIST Terms
- NIST SP 800-16 Terms
- NIST SP 800-18r1 Terms
- NIST SP 800-26 Terms
- NIST SP 800-32 Terms
- NIST SP 800-37 Terms
- NIST SP 800-39 Draft 2 Terms
- NIST SP 800-40 Terms
- NIST SP 800-53A Terms
- NIST SP 800-53r1 Terms
- NIST SP 800-53r2 Terms
- NIST SP 800-60r1V1 Terms
- NIST SP 800-60r1V2 Terms
- NIST SP 800-79-1 Terms
- HSPD-12 Terms
- NIST SP 800-82 Final Draft Terms
- NSTISSI 1000 Terms
- NSTISSC Terms
