NIST, DCID 6/3, DITSCAP, DIACAP, NIACAP, ISO

See NIST SP 800-37 Rev 1 Appendix D and CNSS Instruction No.

Roles and Responsibilities
Auditor
System Administrator/Manager
Business Unit Manager
Project Manager
Risk Analyst
Facility Manager
Executive Management
Authorization Advocate
User Representative
Information Security Architect
Information Systems Security Engineer
Different C & A frameworks use different names e.g.

Roles and Responsibilities
Head of Agency or CEO
Risk Executive (function)
Chief Information Officer (CIO)
Chief Information Security Officer (CISO)
Information Owner/Custodian
Information System Owner (System Owner)
Information Systems Security Officer (ISSO)
Security Control Assessor (Certifying Agent)
Authorizing Official (AO)
Approving Authority (AA)
Common Control Provider
Approving Authority Designated Representative
Different C & A frameworks use different names e.g.

Hester all rights reserved

Read: NIST SP 800-37 Rev 1, Appendix D
Read: Official (ISC)2 Guide to CAP CBK Second Edition Chapter 1 pg 49-62
Read: DoDI 8500.2
Read: NSTISSI No.

Picture: Empire Mine, Nevada City, CA Photo by Donald E. Hester
Picture: Muir Beach, North of San Francisco, CA, Photo by Donald E.