The IT Law Wiki

Authorizing official

32,081pages on
this wiki
Add New Page
Add New Page Talk0

Definitions Edit

U.S. government Edit

An authorizing official (AO) (also called an accreditation authority) is an

[o]fficial with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to agency operations (including mission, functions, image, or reputation), agency assets, or individuals.[1]
[t]he key stakeholder with the responsibility and authority to determine that the system delivered by the engineering effort meets its requirements and may be offered for use.[2]

References Edit

  1. NIST Special Publication 800-60, Vol. I, Rev. 1, at A-1; FIPS 200, NIST Special Publication 800-37.
  2. NIST Special Publication 800-160, at B-3.

Also on Fandom

Random Wiki