800-53|PM-10

Title

SECURITY AUTHORIZATION PROCESS

Description

The organization:

Supplemental

Security authorization processes for information systems and environments of operation require the implementation of an organization-wide risk management process, a Risk Management Framework, and associated security standards and guidelines. Specific roles within the risk management process include an organizational risk executive (function) and designated authorizing officials for each organizational information system and common control provider. Security authorization processes are integrated with organizational continuous monitoring processes to facilitate ongoing understanding and acceptance of risk to organizational operations and assets, individuals, other organizations, and the Nation.

Reference Item Details

Reference: NIST 800-53 - Security and Privacy Controls for Federal Information Systems and Organizations

Related: CA-6

Category: PROGRAM MANAGEMENT

Family: PROGRAM MANAGEMENT

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
Building Threat Protection Layers	amazon_aws	Tenable AWS Best Practice Audit
Conclusion	amazon_aws	Tenable AWS Best Practice Audit
Using Additional Application Security Practices	amazon_aws	Tenable AWS Best Practice Audit

Detections

Analytics